19 matches found

Redos
added 2026/05/05 12:0 a.m., 7 views

ROS-20260505-73-0058

Vulnerability in python3.12 related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

5.9 CVSS, 7.5 AI score, 0.00463 EPSS
Exploits 0
RedHat Linux
added 2026/04/09 9:6 a.m., 8 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

7.1 CVSS, 6 AI score, 0.00308 EPSS
Exploits 0, References 2
RedhatCVE
added 2026/01/09 12:34 p.m., 12 views

CVE-2023-45396

An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12...

6.5 CVSS, 6.8 AI score, 0.00382 EPSS
Exploits 0, References 1
EUVD
added 2025/10/11 12:30 p.m., 3 views

EUVD-2025-33841

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

4.9 CVSS, 6.1 AI score, 0.0027 EPSS
Exploits 0, References 3
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-47520

Malicious code in bioql PyPI...

4.8 CVSS, 5.4 AI score, 0.00392 EPSS
Exploits 0, References 1
OpenVAS
added 2025/05/26 12:0 a.m., 4 views

Fedora: Security Advisory (FEDORA-2024-c1d8fd5694)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.9 AI score, 0.02203 EPSS
Exploits 2, References 3
RedhatCVE
added 2025/05/23 12:31 a.m., 6 views

CVE-2022-4931

The BackupWordPress plugin for WordPress is vulnerable to information disclosure in versions up to, and including 3.12. This is due to missing authorization on the heartbeatreceived function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with...

4.3 CVSS, 6.2 AI score, 0.00458 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 5:25 a.m., 9 views

CVE-2012-3871

Cross-site scripting (XSS) vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...

3.5 CVSS, 5.4 AI score, 0.00802 EPSS
Exploits 2, References 1
OSV
added 2024/12/11 11:24 a.m., 6 views

SUSE-SU-2024:4291-1 Security update for python312

This update for python312 fixes the following issues: - CVE-2024-12254: Fixed unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290 Other fixes: - Updated to version 3.12.8 - Remove -IVendor/ from python-config bsc1231795...

8.7 CVSS, 7.5 AI score, 0.0188 EPSS
Exploits 0, References 4
OSV
added 2024/11/19 1:22 p.m., 6 views

USN-7116-1 python3.10, python3.12, python3.8 vulnerability

It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated...

7.8 CVSS, 7.2 AI score, 0.00647 EPSS
Exploits 0, References 2
OSV
added 2024/07/10 4:15 p.m., 3 views

CVE-2023-33859

IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697...

5.3 CVSS, 5.7 AI score, 0.00361 EPSS
Exploits 0, References 2
OSV
added 2023/11/14 9:15 p.m., 2 views

CVE-2023-47544

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin = 3.12 versions...

6.1 CVSS, 7.3 AI score, 0.00412 EPSS
Exploits 0, References 1
CNNVD
added 2023/10/11 12:0 a.m., 3 views

Elenos ETG150 Security Vulnerability

The Elenos ETG150 is an FM transmitter from Elenos. A security vulnerability exists in the Elenos ETG150 FM transmitter version 3.12, which originates from an insecure direct object reference (IDOR) that occurs when an application provides direct access to an object based on user-supplied input...

6.5 CVSS, 6.8 AI score, 0.00382 EPSS
Exploits 0, References 3
ATTACKERKB
added 2023/08/22 7:16 p.m., 4 views

CVE-2022-25024

The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service...

7.5 CVSS, 5.8 AI score, 0.01048 EPSS
Exploits 1, References 5
OSV
added 2023/06/23 7:15 p.m., 6 views

CVE-2023-34673

Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases...

6.5 CVSS, 5.7 AI score, 0.00701 EPSS
Exploits 1, References 2
OSV
added 2022/09/06 6:15 p.m., 3 views

CVE-2022-1697

Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Directory Agent and reinstall Okta Active Directory Agent 3.12.0 or greater per the documentation...

3.9 CVSS, 5.8 AI score, 0.00243 EPSS
Exploits 0, References 3
CNNVD
added 2022/05/11 12:0 a.m., 3 views

Coder Code-Server Cross-Site Scripting Vulnerability

Coder Code-Server is a product from the U.S. company Coder, based on Microsoft's open-source Visual Studio Code. It is used to build a convenient and unified development environment for developers. A security vulnerability exists in Coder Code-Server versions prior to 3.12.0, which can be...

6.1 CVSS, 6.9 AI score, 0.00773 EPSS
Exploits 1, References 2
CNVD
added 2021/01/22 12:0 a.m., 4 views

Delta Electronics ISPSoft Access Control Error Vulnerability

Delta Electronics ISPSoft is a set of PLC (Programmable Logic Controller) programming software from Delta Electronics, Taiwan, China. An access control error vulnerability exists in Delta Electronics ISPSoft v3.12 and prior, which arises when a networked system or product does not properly...

7.8 CVSS, 7.3 AI score, 0.01252 EPSS
Exploits 0, References 1
OSV
added 2020/01/19 11:11 p.m., 11 views

OPENSUSE-SU-2020:0079-1 Security update for glusterfs

This update for glusterfs fixes the following issues: glusterfs was updated to release 3.12.15: Fixed a number of bugs and security issues: - CVE-2018-1088, CVE-2018-1112 boo1090084, CVE-2018-10904 boo1107018, CVE-2018-10907 boo1107019, CVE-2018-10911 boo1107020, CVE-2018-10913 boo1107021,...

8.8 CVSS, 7.3 AI score, 0.05374 EPSS
Exploits 1, References 29