194 matches found
EUVD-2022-30556
Malicious code in bioql PyPI...
EUVD-2025-5930
Malicious code in bioql PyPI...
EUVD-2023-35485
Malicious code in bioql PyPI...
Improper Handling of Unicode Encoding
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding in the CKEditor file upload endpoint. An attacker can probing internal network endpoints by...
OESA-2025-2305 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2303 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2302 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
CLSA-2025-1755270833 Fix CVE(s): CVE-2025-1795
SECURITY UPDATE: incorrect unicode encoding of separating comma in folded address list - debian/patches/CVE-2025-1795.patch: Fix misfolding of comma in address- lists over multiple lines in combination with unicode encoding - CVE-2025-1795...
Improper Handling of Unicode Encoding
Overview Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding through the JDBC verification process. An attacker can manipulate the application behaviour by injecting malicious data into serialised objects. Note: This is a bypass for the vulnerability previous...
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL...
ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
A flaw was found in Ghostscript/base/gputf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories...
BIT-PYTHON-2025-1795 Mishandling of comma during folding and unicode-encoding of email headers
During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted...
Mishandling of comma during folding and unicode-encoding of email headers
...
Amazon Linux 2 : python3 (ALAS-2025-2808)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2808 advisory. During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the...
Low: python3
Issue Overview: During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header bein...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-1795: Fixed mishandling of comma during folding and unicode-encoding of email headers bsc1238450. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-1795: Fixed mishandling of comma during folding and unicode-encoding of email headers bsc1238450. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
OESA-2025-1254 musl security update
musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...
SUSE CVE-2025-1795
During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted...
CVE-2025-1795
During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted...