Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

200 matches found

Tenable Nessus
Tenable Nessusadded 2025/05/13 12:0 a.m.2 views

RHEL 9 : python3.12 (RHSA-2025:7107)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7107 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2025/05/13 12:0 a.m.2 views

RHEL 9 : python3.11 (RHSA-2025:7109)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7109 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References6
OSV
OSVadded 2025/05/13 12:0 a.m.5 views

ALSA-2025:6977 Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS7.3AI score0.01499EPSS
Exploits0References4
OSV
OSVadded 2025/05/13 12:0 a.m.8 views

ALSA-2025:7107 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS7.3AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2025/05/13 12:0 a.m.8 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2025/05/13 12:0 a.m.6 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2025/05/13 12:0 a.m.4 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2025/05/13 12:0 a.m.3 views

RHEL 9 : python3.9 (RHSA-2025:6977)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:6977 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References6
OSV
OSVadded 2025/04/16 5:15 p.m.3 views

CVE-2025-20236

A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user. This vulnerability is due to insufficient inpu...

8.8CVSS6.1AI score
Exploits0References1
OSV
OSVadded 2025/04/14 11:35 a.m.44 views

BIT-PYTHON-2025-0938 URL parser allowed square brackets in domain names

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS5.8AI score0.01499EPSS
Exploits0References12
Amazon
Amazonadded 2025/03/26 12:0 a.m.6 views

Medium: python3.9

Issue Overview: The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could...

6.3CVSS7.7AI score0.01499EPSS
Exploits0
Amazon
Amazonadded 2025/02/25 12:0 a.m.30 views

Medium: python3

Issue Overview: The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser. CVE-2024-11168 There ...

7.5CVSS7.1AI score0.02303EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/01/31 8:59 p.m.19 views

CVE-2025-0938

A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs...

6.8CVSS6AI score0.01499EPSS
Exploits0References5
NVD
NVDadded 2025/01/31 6:15 p.m.19 views

CVE-2025-0938

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS0.01499EPSS
Exploits0References11
Debian CVE
Debian CVEadded 2025/01/31 5:51 p.m.153 views

CVE-2025-0938

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS6.4AI score0.01499EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2025/01/31 5:51 p.m.7 views

CVE-2025-0938 URL parser allowed square brackets in domain names

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS6.5AI score0.01499EPSS
Exploits0References9
Cvelist
Cvelistadded 2025/01/31 5:51 p.m.19 views

CVE-2025-0938 URL parser allowed square brackets in domain names

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS0.01499EPSS
Exploits0References9
F5 Networks
F5 Networksadded 2024/11/20 9:7 p.m.25 views

K000148643: Curl vulnerability CVE-2022-27780

Security Advisory Description The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a different URL usingthe wrong host name when it is later retrieved.For example, a URL like http://example.com%2F127.0.0.1/, would be allow...

7.5CVSS6.6AI score0.02187EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2024/11/12 11:5 p.m.24 views

CVE-2024-11168

A flaw was found in Python. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery SSRF if a URL is...

3.7CVSS9.2AI score0.0067EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2024/11/12 9:22 p.m.19 views

CVE-2024-11168

The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser...

6.3CVSS6.4AI score0.0067EPSS
Exploits0
Rows per page
Query Builder