58367 matches found
CVE-2025-14714
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
Security update for python311
This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...
SUSE-SU-2025:4257-2 Security update for python311
This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305...
CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
EUVD-2025-203361
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
CVE-2025-14714
CVE-2025-14714 affects LibreOffice on macOS (25.2.x) prior to 25.2.4. The root cause is an Authentication Bypass where the application bundles a Python interpreter that inherits the user’s TCC permissions; executing the bundled interpreter directly causes attacker scripts to run with the applicat...
CVE-2025-14714
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
ThreatExploiter
🔴 ThreatExploiter Automated Network Penetration Testing & E...
PT-2025-51211
An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...
SUSE SLES15 Security Update : python-eventlet (SUSE-SU-2025:03051-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03051-1 advisory. - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Tenable has extracted the...
SUSE SLED15 / SLES15 Security Update : python-future (SUSE-SU-2025:03049-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03049-1 advisory. - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Tenable has...
Debian dla-4408 : python-apt-common - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4408 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4408-1 [email protected] https://www.debian.org/lts/security/...
openSUSE 15 Security Update : python-maturin (SUSE-SU-2025:03082-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03082-1 advisory. - CVE-2025-58160: terminal escape injection via ANSI sequences from untrusted input bsc1249011. Tenable has extracted the preceding description block direct...
📄 flatCore 1.5 Shell Upload
flatCore version 1.5 proof of concept remote shell upload exploit. ============================================================================================================================================= | Title : flatCore 1.5 Advanced File Upload Exploit | | Author : indoushka | | Tested on...
Fedora 43 : python3.13 (2025-6407a7ee7e)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6407a7ee7e advisory. This is the eleventh maintenance release of Python 3.13 Tenable has extracted the preceding description block directly from the Fedora security...
RHEL 10 : python3.12 (RHSA-2025:14984)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14984 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...
SUSE SLED15: libpython3_6m1_0 / libpython3_6m1_0-32bit / python3 / python3-base / etc (SUSE-SU-2025:02778-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02778-1 advisory. - CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler...
📄 Figma Desktop Application 125.6.5 Remote Code Execution
Figma Desktop Application version 125.6.5 proof of concept remote code execution exploit that leverages the plugin manifest. ============================================================================================================================================= | Title : Figma Desktop...
openSUSE Security Advisory (SUSE-SU-2025:4389-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...