Lucene search
K

86 matches found

RedHat Linux
RedHat Linux
added 5 days ago8 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.14: python3.14-3.14.6-1.3.hum1 aarch64, x8664 python3.14-debug-3.14.6-1.3.hum1 aarch64, x8664 python3.14-devel-3.14.6-1.3.hum1 aarch64, x8664 python3.14-freethreading-3.14.6-1.3.hum1...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/05 7:25 p.m.10 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.14: python3.14-3.14.6-1.2.hum1 aarch64, x8664 python3.14-debug-3.14.6-1.2.hum1 aarch64, x8664 python3.14-devel-3.14.6-1.2.hum1 aarch64, x8664 python3.14-freethreading-3.14.6-1.2.hum1...

8.2CVSS5.9AI score0.00433EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.13 views

AlmaLinux 9 : python3.14 (ALSA-2026:28247)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28247 advisory. python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open API CVE-2026-4786 python: Python: Cross-Site Scripting XSS...

7.1CVSS7.6AI score0.0029EPSS
Exploits1References4
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28581 Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

Bulletin has no description...

7.1CVSS5.7AI score0.0029EPSS
Exploits1References18
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28247 Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

Bulletin has no description...

7.1CVSS5.8AI score0.0029EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2026/06/23 10:55 a.m.11 views

Important: Red Hat Security Advisory: python3.14-urllib3 security update

An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/23 1:8 a.m.5 views

[SECURITY] Fedora 44 Update: python3.14-3.14.6-1.fc44

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

7.5CVSS5.8AI score0.0079EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.4 views

Oracle Linux 9 : python3.14 (ELSA-2026-19176)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19176 advisory. - Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100 Resolves: RHEL-167918, RHEL-168160 - Security fixes for CVE-2026-2297,...

9.1CVSS7AI score0.00621EPSS
Exploits0References10
CVE
CVE
added 2026/06/22 4:40 p.m.44 views

CVE-2026-54280

CVE-2026-54280 affects the AIOHTTP project (async HTTP client/server for asyncio/Python). Before version 3.14.1, payload resources may not be closed correctly if a client disconnects mid-write, allowing temporary resource starvation when a payload uses a limited resource (e.g., open files). The i...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 4:38 p.m.3 views

CVE-2026-54278 AIOHTTP: Unread Compressed Request Bodies Bypass client_max_size During Cleanup

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...

8.7CVSS5.9AI score0.00279EPSS
Exploits0References4
CVE
CVE
added 2026/06/22 4:34 p.m.38 views

CVE-2026-54275

CVE-2026-54275 (aiohttp) affects the aiohttp package prior to 3.14.1. The issue is a TLS server_hostname SNI check bypass that occurs when an existing connection is reused for multiple requests with different per-request server_hostname values. As a result, later requests to the same domain may r...

7.5CVSS5.8AI score0.00266EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/18 2:13 p.m.7 views

CVE-2026-50141

Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...

7.1CVSS5.4AI score0.00246EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.23 views

aioHTTP < 3.14.0 Multiple Vulnerabilities

The version of aioHTTP installed on the remote host is prior to 3.14.0. It is, therefore, affected by multiple vulnerabilities: - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using CookieJar.load with untrusted input may allow arbitrary...

8.7CVSS5.8AI score0.0015EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.14 views

Medium: python3.14

Issue Overview: The "tarfile" module would still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other...

9.8CVSS5.4AI score0.0079EPSS
Exploits1
OSV
OSV
added 2026/06/05 11:16 p.m.9 views

UBUNTU-CVE-2026-45409

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

6.9CVSS5.4AI score0.00408EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 10:15 a.m.8 views

CVE-2026-21033

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

6.9CVSS5.8AI score0.00093EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 10:15 a.m.28 views

CVE-2026-21033

The CVE-2026-21033 entry concerns Samsung Assistant, specifically the ExpressHomeWidgetReceiver component. The flaw is described as an improper export of Android application components that, in versions prior to 9.3.14, can allow a local attacker to execute arbitrary scripts. The available docume...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:15 a.m.6 views

CVE-2026-21033

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

6.9CVSS5.8AI score0.00093EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/05 10:15 a.m.43 views

CVE-2026-21032

Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

6.9CVSS0.00093EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41956

Name of the Vulnerable Software and Affected Versions idna versions prior to 3.14 Description A specially crafted argument passed to the idna.encode function can consume significant system resources, potentially leading to a denial-of-service. This occurs because payloads containing specific...

9.8CVSS6.4AI score0.00408EPSS
Exploits0References312
Rows per page
Query Builder