[SECURITY] Fedora 38 Update: mingw-python-OWSLib-0.28.1-1.fc38
MinGW Windows Python OWSLib library...
Webpower UPS 5.53 Denial Of Service Exploit
Exploit Title: Webpower UPS v5.53 HTTP Denial of Service Exploit Author: Yehia Elghaly Vendor Homepage: https://www.eaton.com/ae/en-gb.html Software Link: https://www.eaton.com/ae/en-gb.html Version: Revision v5.53 Tested on: WebPower UPS CVE: N/A #!/usr/bin/env python Webpower UPS v5.53 HTTP Deni...
[SECURITY] Fedora 38 Update: mingw-python-werkzeug-2.2.3-1.fc38
MinGW Windows Python Werkzeug library...
[SECURITY] Fedora 38 Update: python-django3-3.2.18-1.fc38
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 38 Update: python-cryptography-37.0.2-8.fc38
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...
SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2022:2248-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2248-1 advisory. - In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the...
Exploit for Deserialization of Untrusted Data in Ibm Aspera_Faspex
CVE-2022-47986 Why This vulnerability is exploited in the...
Webpower UPS 5.53 Denial Of Service
Exploit Title: Webpower UPS v5.53 HTTP Denial of Service Date: 2023-03-09 Exploit Author: Yehia Elghaly Vendor Homepage: https://www.eaton.com/ae/en-gb.html Software Link: https://www.eaton.com/ae/en-gb.html Version: Revision v5.53 Tested on: WebPower UPS CVE: N/A #!/usr/bin/env python Webpower UP...
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2023-1513)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
org.xwiki.platform:xwiki-platform-panels-ui vulnerable to Eval Injection
Impact: Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of UIX parameters. A proof of concept exploit is to log in, add an XWiki.UIExtensionClass xobject to the user profil...
bpftool, kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2023:1091 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CVE-2023-27476
OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both lxml and xml.etree) does not disable entity resolution, and could lead to arbitrary file reads from an...
Debian: Security Advisory (DLA-717-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-475-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-520-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-773-1)
The remote host is missing an update for the Debian...
EulerOS 2.0 SP5 : python (EulerOS-SA-2023-1513)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA R...
Ubuntu: Security Advisory (USN-5931-1)
The remote host is missing an update for the...
CVE-2023-27476
OWSLib (Python) has a vulnerability in its XML parser that does not disable entity resolution, enabling potential arbitrary file reads from attacker-controlled XML payloads across all XML parsing in the codebase. Affected versions prior to 0.28.1; remediation is to upgrade to 0.28.1 or apply the ...