58389 matches found

Tenable Nessus
added 2025/12/09 12:0 a.m., 5 views

Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2025-1308)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1308 advisory. If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Tenable has extracted the preceding description bloc...

CVSS 5.5, AI score 6.4, EPSS 0.00136
Exploits 0, References 4

Tenable Nessus
added 2025/12/09 12:0 a.m., 10 views

Debian dla-4377 : python-gevent-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4377 advisory. Debian LTS Advisory DLA-4377-1 [email protected] https://www.debian.org/lts/security/...

CVSS 9.8, AI score 7.9, EPSS 0.01334
Exploits 1, References 4

Tenable Nessus
added 2025/12/09 12:0 a.m., 2 views

RHEL 7 : python-kdcproxy (RHSA-2025:22982)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22982 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS 8.6, AI score 5.7, EPSS 0.00463
Exploits 0, References 6

OSV
added 2025/12/08 11:54 p.m., 6 views

MAL-2025-192379 Malicious code in helloharry123p (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6e199ebf30ba4e39d4e6bd9fc4d31ffa9f0a7687e21f67e2e6e8c01e3f24717a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 7.2
Exploits 0, References 1

Wolfi
added 2025/12/08 7:48 p.m., 5 views

CVE-2025-66471 vulnerabilities

Vulnerabilities for packages: confluent-docker-utils, mlflow, kserve, jupyter-base-notebook, kubeflow-jupyter-web-app, tensorflow-cpu-jupyter, ggshield, open-webui, pypy-3.10, semgrep, airflow, py3-pipenv, kubeflow-volumes-web-app, py3-urllib3, kubeflow-katib, datadog-agent, dask-kubernetes,...

CVSS 8.9, AI score 6.7, EPSS 0.00622
Exploits 0

Wolfi
added 2025/12/08 7:48 p.m., 8 views

CVE-2025-66418 vulnerabilities

Vulnerabilities for packages: confluent-docker-utils, mlflow, kserve, jupyter-base-notebook, kubeflow-jupyter-web-app, tensorflow-cpu-jupyter, ggshield, open-webui, pypy-3.10, semgrep, airflow, py3-pipenv, kubeflow-volumes-web-app, py3-urllib3, kubeflow-katib, datadog-agent, dask-kubernetes,...

CVSS 8.9, AI score 6.7, EPSS 0.00622
Exploits 0

Wolfi
added 2025/12/08 7:48 p.m., 3 views

GHSA-2XPW-W6GG-JR37 vulnerabilities

Vulnerabilities for packages: confluent-docker-utils, mlflow, kserve, jupyter-base-notebook, kubeflow-jupyter-web-app, tensorflow-cpu-jupyter, ggshield, open-webui, pypy-3.10, semgrep, airflow, py3-pipenv, kubeflow-volumes-web-app, py3-urllib3, kubeflow-katib, datadog-agent, dask-kubernetes,...

AI score 5.8
Exploits 0

Wallarm Lab
added 2025/12/08 4:0 p.m., 14 views

Update on React Server Components RCE Vulnerability (CVE-2025-55182 / CVE-2025-66478)

The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged regarding the initial Proof-of-Concept exploit, as well as improved detection methods, exploitation mechanics observed in the wild, and rapidly growing atta...

CVSS 10, AI score 8.6, EPSS 0.99562
Exploits 386

EUVD
added 2025/12/08 2:14 p.m., 4 views

EUVD-2025-201711

Malicious code in graphnode PyPI...

AI score 6.6
Exploits 0, References 1

GithubExploit
added 2025/12/08 3:31 a.m., 146 views

Exploit for Improper Input Validation in Drupal

POC-CVE-2018-7600 Drupal vulnerable to CVE-2018-7600 Drupalge...

CVSS 9.8, AI score 7, EPSS 0.99993
Exploits 46

Amazon
added 2025/12/08 12:0 a.m., 5 views

Low: python3.11

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.11 Issue Correction: Run dnf update python3.11 --releasever 2023.9.20251208 or dnf update --advisory...

CVSS 5.5, AI score 6.5, EPSS 0.00136
Exploits 0

Amazon
added 2025/12/08 12:0 a.m., 5 views

Low: python3.12

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.12 Issue Correction: Run dnf update python3.12 --releasever 2023.9.20251208 or dnf update --advisory...

CVSS 5.5, AI score 6.5, EPSS 0.00136
Exploits 0

Amazon
added 2025/12/08 12:0 a.m., 7 views

Low: python3.9

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.9 Issue Correction: Run dnf update python3.9 --releasever 2023.9.20251208 or dnf update --advisory...

CVSS 5.5, AI score 6.5, EPSS 0.00136
Exploits 0

Amazon
added 2025/12/08 12:0 a.m., 4 views

Low: python3.13

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.13 Issue Correction: Run dnf update python3.13 --releasever 2023.9.20251208 or dnf update --advisory...

CVSS 5.5, AI score 6.5, EPSS 0.00136
Exploits 0

Amazon
added 2025/12/08 12:0 a.m., 8 views

Medium: python-ldap

Issue Overview: python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escape_filter_chars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertion_value...

CVSS 6.9, AI score 6.7, EPSS 0.00294
Exploits 1

Positive Technologies
added 2025/12/08 12:0 a.m., 5 views

PT-2025-49452

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Network File System Daemon NFSD component of the Linux kernel. Specifically, a crash can occur within the nfsd4 read release function when tracing is enabled,...

AI score 6.1, EPSS 0.00161
Exploits 0

Tenable Nessus
added 2025/12/08 12:0 a.m., 10 views

Amazon Linux 2 : python-ldap, --advisory ALAS2-2025-3083 (ALAS-2025-3083)

The version of python-ldap installed on the remote host is prior to 2.4.15-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3083 advisory. python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

CVSS 6.9, AI score 6.5, EPSS 0.00294
Exploits 1, References 4

Tenable Nessus
added 2025/12/08 12:0 a.m., 8 views

Amazon Linux 2 : python3, --advisory ALAS2-2025-3084 (ALAS-2025-3084)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3084 advisory. If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding...

CVSS 5.5, AI score 6.2, EPSS 0.00136
Exploits 0, References 4

Tenable Nessus
added 2025/12/08 12:0 a.m., 7 views

Amazon Linux 2 : python-kdcproxy, --advisory ALAS2-2025-3085 (ALAS-2025-3085)

The version of python-kdcproxy installed on the remote host is prior to 0.3.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3085 advisory. If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by...

CVSS 8.6, AI score 6.2, EPSS 0.00463
Exploits 0, References 6

Tenable Nessus
added 2025/12/08 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-6966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a...

CVSS 6.9, AI score 5.3, EPSS 0.00122
Exploits 1, References 2