Lucene search
+L

13 matches found

NVD
NVD
added 2026/06/16 5:16 p.m.16 views

CVE-2026-12003

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS0.00136EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/16 3:18 p.m.9 views

EUVD-2026-37125

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Untrusted Search Path (CVE-2020-15801)

In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file e.g., the python.pth file is not affected. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

9.8CVSS6.9AI score0.03104EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

PyInstaller 代码注入漏洞

PyInstaller is a Python library from the Python Foundation that analyzes your code to discover all the other modules and libraries your scripts need to execute. A code injection vulnerability exists in PyInstaller versions prior to 6.0.0, which stems from improper handling of sys.path and could...

7CVSS7.6AI score0.00114EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/14 6:31 p.m.3 views

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element via the unintended import of a test.py file. An attacker can execute arbitrary code by placing a malicious test.py file in the same directory or within the sys.path that is accessible when the module is...

8.5CVSS7.8AI score0.0029EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:31 p.m.8 views

GHSA-XQRQ-4MGF-FF32 Withdrawn Advisory: Python-Future Module Arbitrary Code Execution via Unintended Import of test.py

Withdrawn Advisory This advisory has been withdrawn because it describes a documented feature of Python’s import system in the handling of sys.path. For more information, see https://github.com/PythonCharmers/python-future/issues/650. Original Description A vulnerability in the Python-Future 1.0....

8.6CVSS6.9AI score0.0029EPSS
Exploits0References7
OSV
OSV
added 2025/08/14 5:15 p.m.3 views

UBUNTU-CVE-2025-50817

A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...

5.4CVSS6.9AI score0.0029EPSS
Exploits0References5
OSV
OSV
added 2025/04/27 1:15 p.m.6 views

CVE-2025-3970

A vulnerability classified as problematic has been found in baseweb JSite up to 1.0. Affected is an unknown function of the file /sys/office/save. The manipulation of the argument Remarks leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed t...

5.4CVSS3.9AI score0.00312EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.18 views

PT-2025-16693

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for this issue Description A vulnerability in the Linux kernel has been resolved, which prevented multiple calls in a row to napi disable, causing a hang. The issue occurred when...

5.5CVSS5.4AI score0.00143EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.5 views

SUSE CVE-2008-4863

Untrusted search path vulnerability in BPYinterface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySysSetArgv function...

6.9CVSS7.6AI score0.00394EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-5983

Untrusted search path vulnerability in the PySysSetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv0 argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse...

6.9CVSS7.5AI score0.00457EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.4 views

SUSE CVE-2015-1341

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function pythonmodulepath...

7.8CVSS7.2AI score0.00429EPSS
Exploits0References3
OSV
OSV
added 2019/08/05 1:15 p.m.6 views

CVE-2016-10769

cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi SEC-162...

6.1CVSS5.8AI score0.00694EPSS
Exploits0References1
Rows per page
Query Builder