Lucene search

6 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2018-10453

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.01199
Exploits: 1, References: 2

Tenable Nessus
added 2025/08/04 12:00 a.m., 3 views

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2025-1096)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1096 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disab...

CVSS 6.1, AI score 6.3, EPSS 0.004
Exploits: 1, References: 4

Tenable Nessus
added 2025/04/01 12:00 a.m., 10 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-1323)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts, allowing hosts that weren't IPv6 or IPvFuture. This...

CVSS 6.3, AI score 6.6, EPSS 0.0067
Exploits: 0, References: 2

NVD
added 2024/06/26 5:15 a.m., 43 views

CVE-2024-34581

The W3C XML Signature Syntax and Processing XMLDsig specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...

CVSS 7.3, EPSS 0.00248
Exploits: 0, References: 5

CVE
added 2024/06/26 12:00 a.m., 71 views

CVE-2024-34581

CVE-2024-34581 concerns the XML Signature Syntax and Processing (XMLDsig) RetrievalMethod usage, where SSRF risks may arise in implementations that process KeyInfo/RetrievalMethod data. The initial description notes that mitigations were added in XMLDsig 1.1 and 2.0 via a Best Practices document....

CVSS 7.3, AI score 6.5, EPSS 0.00248
Exploits: 0, References: 5

Tenable Nessus
added 2021/03/23 12:00 a.m., 33 views

Fedora 32 : moodle (2021-50f63a0161)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-50f63a0161 advisory. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVSS 5.4, AI score 6, EPSS 0.01307
Exploits: 2, References: 6