Information Exposure

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Information Exposure via the subprocess module. An attacker can access sensitive environment variables, including API keys and credentials, ...

EUVD-2024-1959

Malicious code in bioql PyPI...

CVE-2024-4267

The CVE-2024-4267 entry concerns parisneo/lollms-webui version 9.5, in the open_file (open file) function. The root cause is improper neutralization of elements in a user-controlled file path used by subprocess.Popen, allowing command injection. This enables remote code execution where an attacke...

SUSE-SU-2018:2047-1 Security update for python-dulwich

This update for python-dulwich to version 0.18.5 fixes this security issue: - CVE-2017-16228: Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname bsc1066430. For detailed changes please see...

FreeBSD-SA-14:11.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced:...