58385 matches found

CVE
added 2025/12/18 8:24 p.m., 11 views

CVE-2025-13911

CVE-2025-13911 affects Inductive Automation Ignition SCADA, where Python scripting is used for automation. The root cause is insufficient controls on which Python libraries can be imported/executed within the scripting environment, paired with an Ignition service account that has system-level Win...

7.3 CVSS, 6.8 AI score, 0.00221 EPSS
Exploits: 0, References: 3

Cvelist
added 2025/12/18 8:24 p.m., 18 views

CVE-2025-13911 Inductive Automation Ignition Execution with Unnecessary Privileges

The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting environment. The core issu...

7.3 CVSS, 0.00221 EPSS
Exploits: 0, References: 3

Vulnrichment
added 2025/12/18 8:24 p.m., 4 views

CVE-2025-13911 Inductive Automation Ignition Execution with Unnecessary Privileges

The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting environment. The core issu...

7.3 CVSS, 6.8 AI score, 0.00221 EPSS
Exploits: 0, References: 3

EUVD
added 2025/12/18 7:50 p.m., 2 views

EUVD-2025-204391

Malicious code in f5rest PyPI...

6.6 AI score
Exploits: 0, References: 1

OSV
added 2025/12/18 7:50 p.m., 8 views

MAL-2025-192609 Malicious code in f5rest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f8084e3c4c369a7dc22b67657aa22f3faf8e9b98df2721c9ff4e4c17d36fe028 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits: 0, References: 1

EUVD
added 2025/12/18 7:50 p.m., 3 views

EUVD-2025-204392

Malicious code in f5-logger PyPI...

6.6 AI score
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/12/18 7:50 p.m., 8 views

Malicious code in f5-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dc7c52cb0573811c8391ab93a1a04c99826ebc3fffb98aa82cfe8deb4e58fc1d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3 AI score
Exploits: 0, References: 1

OSV
added 2025/12/18 7:50 p.m., 6 views

MAL-2025-192608 Malicious code in f5-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dc7c52cb0573811c8391ab93a1a04c99826ebc3fffb98aa82cfe8deb4e58fc1d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/12/18 7:49 p.m., 6 views

Malicious code in bigip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 87f7e50e3df233ffefcde85171a87ec41d45bbb3d3fb7fbc6da742e9e95b6bb1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3 AI score
Exploits: 0, References: 1

EUVD
added 2025/12/18 7:49 p.m., 2 views

EUVD-2025-204393

Malicious code in bigip PyPI...

6.6 AI score
Exploits: 0, References: 1

OSV
added 2025/12/18 2:44 p.m., 2 views

SUSE-SU-2025:4487-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. - CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record...

5.5 CVSS, 7.1 AI score, 0.00345 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2025/12/18 1:21 p.m., 8 views

python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used

A vulnerability was found in Python/CPython that does not disallow configuring an empty list "" for SSLContext.set_npn_protocols, which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE-2024-5535 for OpenSSL for more information...

6.5 CVSS, 7.5 AI score, 0.00744 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2025/12/18 1:21 p.m., 5 views

python: Quadratic complexity in os.path.expandvars() with user-controlled template

A vulnerability in Python’s os.path.expandvars function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denia...

5.5 CVSS, 6.2 AI score, 0.00136 EPSS
Exploits: 0, References: 6

RedHat Linux
added 2025/12/18 1:21 p.m., 4 views

cpython: Python HTMLParser quadratic complexity

A denial-of-service DoS vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource...

4.3 CVSS, 5.7 AI score, 0.00462 EPSS
Exploits: 0, References: 9

RedHat Linux
added 2025/12/18 1:21 p.m., 2 views

Moderate: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

6.5 CVSS, 6.6 AI score, 0.00744 EPSS
Exploits: 0, References: 6

RedHat Linux
added 2025/12/18 1:19 p.m., 7 views

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.3 CVSS, 6.6 AI score, 0.00345 EPSS
Exploits: 0, References: 3

RedHat Linux
added 2025/12/18 1:19 p.m., 5 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3 CVSS, 6.2 AI score, 0.00345 EPSS
Exploits: 0, References: 9

SUSE Linux
added 2025/12/18 12:10 p.m., 2 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...

7.8 CVSS, 7.1 AI score, 0.00407 EPSS
Exploits: 0, References: 22

OSV
added 2025/12/18 12:10 p.m., 2 views

SUSE-SU-2025:4478-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-90...

7.8 CVSS, 5.8 AI score, 0.00407 EPSS
Exploits: 0, References: 11

SUSE Linux
added 2025/12/18 12:10 p.m., 2 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...

7.8 CVSS, 6.9 AI score, 0.00407 EPSS
Exploits: 0, References: 22