MAL-2025-192432 Malicious code in kzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a81e0fa699edbad810083efb9de4e22f5088c31c22fdf71f7e519269dc5ad01 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
EUVD-2025-202411
Malicious code in bigpyx (PyPI)...
MAL-2025-192430 Malicious code in bigpyx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a1bcd636394f1505534cf691576b00e8686aa14474e8a209c94f8213310b128 Continuation of the campaign with a slightly different obfuscation of the malicious code, but there seems to be no difference in the behavior. The malicious code...
[SECURITY] Fedora 43 Update: python3-docs-3.14.2-1.fc43
The python3-docs package contains documentation on the Python 3 programming language and interpreter...
[SECURITY] Fedora 43 Update: python3.14-3.14.2-1.fc43
Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...
CVE-2025-67485
mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...
CVE-2025-67485 HTTP/HTTPS Traffic Interception Bypass in mad-proxy
mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...
a-mailx (=0.1.0), ai-security-analyzer (>=0.0.45 <=0.0.55) +16 more potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (>=1.0.4 <=3.0.0)
langgraph-checkpoint-sqlite PYPI version =1.0.4, =0.0.45, =0.1.0a2, =0.4.3, =0.1.0a1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =1.3.41 and more Source cves: CVE-2025-67644 Source advisory: OSV:GHSA-9RWJ-6RC7-P77C...
PT-2025-50296
mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...
Ubuntu: Security Advisory (USN-7916-1)
The remote host is missing an update for the...
Security update for python-Django (important)
openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2025:0465-1 Rating: important References: 1254437 Cross-References: CVE-2025-13372 CVE-2025-64460 CVSS scores: CVE-2025-13372 SUSE: 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2025-64460 SUSE: 7.5...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : python-apt vulnerability (USN-7916-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7916-1 advisory. Julian Andres Klode discovered that python-apt incorrectly handled deb822 configuratio...
Fedora: Security Advisory (FEDORA-2025-e235793f10)
The remote host is missing an update for the...
Fedora 43 : python3-docs / python3.14 (2025-e235793f10)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e235793f10 advisory. This is the second maintenance release of Python 3.14. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
python-kdcproxy: Remote DoS via unbounded TCP upstream buffering
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...
Important: Red Hat Security Advisory: python-kdcproxy security update
An update for python-kdcproxy is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
EUVD-2025-202330
Malicious code in helloharry123c (PyPI)...
MAL-2025-192396 Malicious code in helloharry123c (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7d96199434e00bd319016041b6a9d896c57ad5bc13773a87ef01d2096d0d9e36 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...