Lucene search
K

58367 matches found

NVD
NVD
added 2025/12/15 11:15 a.m.5 views

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

6.5CVSS0.0012EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/12/15 10:33 a.m.3 views

Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...

4.8CVSS6.8AI score0.00345EPSS
Exploits0References8
OSV
OSV
added 2025/12/15 10:33 a.m.1 views

SUSE-SU-2025:4257-2 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305...

5.5CVSS5.7AI score0.00345EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/15 10:30 a.m.2 views

CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

4.3CVSS6.5AI score0.0012EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/15 10:30 a.m.3 views

EUVD-2025-203361

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

4.3CVSS6.4AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 2025/12/15 10:30 a.m.25 views

CVE-2025-14714

CVE-2025-14714 affects LibreOffice on macOS (25.2.x) prior to 25.2.4. The root cause is an Authentication Bypass where the application bundles a Python interpreter that inherits the user’s TCC permissions; executing the bundled interpreter directly causes attacker scripts to run with the applicat...

6.5CVSS6.5AI score0.0012EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2025/12/15 10:30 a.m.3 views

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

6.5CVSS7AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/15 10:30 a.m.26 views

CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

4.3CVSS0.0012EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/15 2:58 a.m.161 views

ThreatExploiter

🔴 ThreatExploiter Automated Network Penetration Testing & E...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.3 views

PT-2025-51211

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

4.3CVSS6.9AI score0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.4 views

SUSE SLES15 Security Update : python-eventlet (SUSE-SU-2025:03051-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03051-1 advisory. - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Tenable has extracted the...

9.1CVSS5.7AI score0.00363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.2 views

SUSE SLED15 / SLES15 Security Update : python-future (SUSE-SU-2025:03049-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03049-1 advisory. - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Tenable has...

5.4CVSS6.9AI score0.00271EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.5 views

Debian dla-4408 : python-apt-common - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4408 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4408-1 [email protected] https://www.debian.org/lts/security/...

6.9CVSS5.5AI score0.00122EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.2 views

openSUSE 15 Security Update : python-maturin (SUSE-SU-2025:03082-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03082-1 advisory. - CVE-2025-58160: terminal escape injection via ANSI sequences from untrusted input bsc1249011. Tenable has extracted the preceding description block direct...

2.3CVSS5.5AI score0.00303EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/12/15 12:0 a.m.197 views

📄 flatCore 1.5 Shell Upload

flatCore version 1.5 proof of concept remote shell upload exploit. ============================================================================================================================================= | Title : flatCore 1.5 Advanced File Upload Exploit | | Author : indoushka | | Tested on...

8.8CVSS7.3AI score0.02254EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.4 views

Fedora 43 : python3.13 (2025-6407a7ee7e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6407a7ee7e advisory. This is the eleventh maintenance release of Python 3.13 Tenable has extracted the preceding description block directly from the Fedora security...

6.3CVSS6.4AI score0.00696EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.8 views

RHEL 10 : python3.12 (RHSA-2025:14984)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14984 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

7.5CVSS6.9AI score0.00611EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.6 views

SUSE SLED15: libpython3_6m1_0 / libpython3_6m1_0-32bit / python3 / python3-base / etc (SUSE-SU-2025:02778-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02778-1 advisory. - CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler...

9.4CVSS7AI score0.01184EPSS
Exploits14References28
Packet Storm
Packet Storm
added 2025/12/15 12:0 a.m.230 views

📄 Figma Desktop Application 125.6.5 Remote Code Execution

Figma Desktop Application version 125.6.5 proof of concept remote code execution exploit that leverages the plugin manifest. ============================================================================================================================================= | Title : Figma Desktop...

8.4CVSS8.2AI score0.01058EPSS
Exploits3
OpenVAS
OpenVAS
added 2025/12/15 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:4389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.8AI score0.00345EPSS
Exploits0References5
Rows per page
Query Builder