87 matches found
CVE-2026-57298
CVE-2026-57298: A CSRF in the Jenkins Contrast Continuous Application Security Plugin (version 3.11 and earlier) allows an attacker to cause Jenkins to access an attacker-specified URL using attacker-specified username, API key, and service key. Affected: Jenkins Contrast Continuous Application S...
Missing permission checks in contrast-continuous-application-security allow enumerating Contrast metadata
contrast-continuous-application-security 3.11 and earlier does not perform permission checks in several HTTP endpoints that fill list box options with the names of the configured Contrast metadata. This allows attackers with Overall/Read permission to enumerate the names of configured Contrast...
CVE-2026-44002
A flaw was found in vm2 before 3.11.0. The CallSite wrapper blocks getThis and getFunction but returns unsanitized host absolute paths from getFileName, allowing sandboxed code to learn host directory layout, library paths, and framework versions. Fixed in 3.11.0...
ArmCode Arm Whois 安全漏洞
ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of Arm Whois contains a security vulnerability; this vulnerability stems from a buffer overflow, which could allow local attackers to cause the application to crash by providing excessively long input...
RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:4052)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4052 advisory. - kubernetes: Bearer tokens written to logs at high verbosity levels = 7 CVE-2019-11250 Note that Nessus has not tested for this issue but ha...
[SECURITY] Fedora 44 Update: python3.11-3.11.15-4.fc44
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
RHEL 8 : python3.11 (RHSA-2026:9591)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9591 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
RockyLinux 9 : python3.11 (RLSA-2026:6286)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6286 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...
CVE-2025-65734
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...
CVE-2025-65734
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...
CVE-2025-65734
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...
CLSA-2026-1773323311 python3.11: Fix of CVE-2025-6075
CVE-2025-6075: fix quadratic complexity in os.path.expandvars...
RHSA-2026:1704 Red Hat Security Advisory: python3.11-urllib3 security update
Bulletin has no description...
RHSA-2026:2084 Red Hat Security Advisory: python3.11 security update
Bulletin has no description...
MiracleLinux 9 : python3.11-3.11.5-1.el9_3 (AXSA:2023-6966:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6966:07 advisory. python: tarfile module directory traversal CVE-2007-4559 python: file path truncation at \0 characters CVE-2023-41105 Tenable has extracted the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002067)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002067 advisory. drivers/hid/hid-ntrig.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDNTRIG is enabled, allows physically proximate...
PT-2025-44764
Name of the Vulnerable Software and Affected Versions NetSurf version 3.11 Description NetSurf version 3.11 contains a Use After Free issue within the dom node set text content function. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
NetSurf 安全漏洞
NetSurf is a lightweight browser from the NetSurf organization. A security vulnerability exists in NetSurf version v3.11 that originates from reading uninitialized heap memory when creating a domevent structure...
PT-2025-44770
Name of the Vulnerable Software and Affected Versions Netsurf version 3.11 Description An issue exists in NetSurf version 3.11 where the application reads uninitialized heap memory during the creation of a dom event structure. Recommendations At the moment, there is no information about a newer...
Fedora 43 : python3.11 (2025-604874b148)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-604874b148 advisory. Update to 3.11.14 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...