Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.4 views

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2025-2399)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for...

5.3CVSS7AI score0.00846EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:41 a.m.4 views

Security Bulletin: IBM Truststore Manager uses urllib3-2.4.0-py3-none-any.whl and requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2025-50181 and CVE-2025-50182

Summary IBM Truststore Manager uses urllib3-2.4.0-py3-none-any.whl and requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2025-50181 and CVE-2025-50182. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION:...

6.1CVSS6.5AI score0.00846EPSS
Exploits2Affected Software1
OSV
OSV
added 2025/06/09 6:15 p.m.3 views

ALPINE-CVE-2024-47081

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be...

5.3CVSS6.8AI score0.00846EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2023/06/20 6:50 p.m.20 views

When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by Id

Impact If you used the apiPrefilter option of the @Entity decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the id of an entity instance she is not authorized to access, can gain read, update and delete access to it...

6.3CVSS10AI score0.00546EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/08/21 12:0 a.m.6 views

FUEL CMS Cross-Site Request Forgery Vulnerability (CNVD-2021-18031)

FUEL CMS is a content management system CMS based on the Codelgniter framework. A cross-site request forgery vulnerability exists in the blocks/create/Create Blocks section of the Admin console in FUEL CMS version 1.4.4. The vulnerability stems from the WEB application not adequately verifying th...

8.8CVSS6.6AI score0.00709EPSS
Exploits1References1
Rows per page
Query Builder