19 matches found
ROS-20260505-73-0058
Vulnerability in python3.12 related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
Important: Red Hat Security Advisory: python3.12 security update
An update for python3.12 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
CVE-2023-45396
An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12...
EUVD-2025-33841
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
EUVD-2022-47520
Malicious code in bioql PyPI...
Fedora: Security Advisory (FEDORA-2024-c1d8fd5694)
The remote host is missing an update for the...
CVE-2022-4931
The BackupWordPress plugin for WordPress is vulnerable to information disclosure in versions up to, and including 3.12. This is due to missing authorization on the heartbeatreceived function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with...
CVE-2012-3871
Cross-site scripting (XSS) vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...
SUSE-SU-2024:4291-1 Security update for python312
This update for python312 fixes the following issues: - CVE-2024-12254: Fixed unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290 Other fixes: - Updated to version 3.12.8 - Remove -IVendor/ from python-config bsc1231795...
USN-7116-1 python3.10, python3.12, python3.8 vulnerability
It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated...
CVE-2023-33859
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697...
CVE-2023-47544
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.12 versions...
Elenos ETG150 Security Vulnerability
The Elenos ETG150 is an FM transmitter from Elenos. A security vulnerability exists in the Elenos ETG150 FM transmitter version 3.12, which originates from an insecure direct object reference (IDOR) that occurs when an application provides direct access to an object based on user-supplied input...
CVE-2022-25024
The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service...
CVE-2023-34673
Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases...
CVE-2022-1697
Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Directory Agent and reinstall Okta Active Directory Agent 3.12.0 or greater per the documentation...
Coder Code-Server Cross-Site Scripting Vulnerability
Coder Code-Server is a product from the U.S. company Coder, based on Microsoft's open-source Visual Studio Code. It is used to build a convenient and unified development environment for developers. A security vulnerability exists in Coder Code-Server versions prior to 3.12.0, which can be...
Delta Electronics ISPSoft Access Control Error Vulnerability
Delta Electronics ISPSoft is a set of PLC (Programmable Logic Controller) programming software from Delta Electronics, Taiwan, China. An access control error vulnerability exists in Delta Electronics ISPSoft v3.12 and prior, which arises when a networked system or product does not properly...
OPENSUSE-SU-2020:0079-1 Security update for glusterfs
This update for glusterfs fixes the following issues: glusterfs was updated to release 3.12.15: Fixed a number of bugs and security issues: - CVE-2018-1088, CVE-2018-1112 boo1090084, CVE-2018-10904 boo1107018, CVE-2018-10907 boo1107019, CVE-2018-10911 boo1107020, CVE-2018-10913 boo1107021,...