58116 matches found
RHSA-2026:4713 Red Hat Security Advisory: python3.12 security update
Bulletin has no description...
Security update for 389-ds
This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: Resolve python build error that caused lib389 to be missing some librarie...
SUSE-SU-2026:0915-1 Security update for 389-ds
This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: - Resolve python build error that caused lib389 to be missing some...
Malicious code in rowrap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 606ce541a3ef4a98e4e1639e96c6431e7ec83be6f987c640a63c03991eae4f6e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...
Malicious code in aniresolve (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c29943544c9e6ba7e0a3075c393fa1fa89673c99b73634c0263ef164e52ac306 Package hides code that downloads and runs malware, likely an infostealer. The code is not directly called in the package suggesting it's a dependency or next...
RLSA-2023:7042 Moderate: python27:2.7 security and bug fix update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...
RLSA-2023:5998 Important: python39:3.9 and python39-devel:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
RLSA-2023:5994 Important: python27:2.7 security update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...
python27:2.7 security and bug fix update
An update is available for python-mock, module.python-sqlalchemy, python-backports-sslmatchhostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python-psycopg2, python2-six, module.python-funcsigs, module.python-pygments,...
python27:2.7 security update
An update is available for python-mock, module.python-sqlalchemy, python-backports-sslmatchhostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python2-six, module.python-funcsigs, module.python-pygments,...
python39:3.9 and python39-devel:3.9 security update
An update is available for module.python-cffi, module.python-more-itertools, python-cffi, python-chardet, python-attrs, module.numpy, python-ply, module.python3x-pyparsing, module.python-psutil, python-wcwidth, python-pycparser, python-psutil, module.python-chardet, module.python-pluggy,...
CVE-2026-32981
A path traversal flaw has been identified in Ray Dashboard in the Ray Pypi package. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences e.g., ../ to access files outside the intended static directory,...
DEBIAN-CVE-2026-27459
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....
DEBIAN-CVE-2026-27448
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...
CVE-2026-27459
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....
CVE-2026-30922
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
python-pyasn1 security update
0.1.9-7.0.1 - Fixes CVE-2026-23490 fixes potential memory exhaustion Orabug: 39060516...
EulerOS Virtualization 2.13.0 : python-pip (EulerOS-SA-2026-1631)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn'...
PT-2026-26217
Name of the Vulnerable Software and Affected Versions NLTK versions 3.9.3 and prior Description NLTK Natural Language Toolkit contains a reflected cross-site scripting XSS issue in the lookup ... route of nltk.app.wordnet app. A crafted lookup URL can inject arbitrary HTML/JavaScript into the...
openSUSE Security Advisory (SUSE-SU-2026:0900-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...