Lucene search
K

87 matches found

CVE
CVE
added 2026/06/24 1:20 p.m.16 views

CVE-2026-57298

CVE-2026-57298: A CSRF in the Jenkins Contrast Continuous Application Security Plugin (version 3.11 and earlier) allows an attacker to cause Jenkins to access an attacker-specified URL using attacker-specified username, API key, and service key. Affected: Jenkins Contrast Continuous Application S...

5.4CVSS5.8AI score0.00101EPSS
Exploits0References1
Jenkins Security Advisories
Jenkins Security Advisories
added 2026/06/24 12:0 a.m.7 views

Missing permission checks in contrast-continuous-application-security allow enumerating Contrast metadata

contrast-continuous-application-security 3.11 and earlier does not perform permission checks in several HTTP endpoints that fill list box options with the names of the configured Contrast metadata. This allows attackers with Overall/Read permission to enumerate the names of configured Contrast...

4.3CVSS5.8AI score0.00167EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44002

A flaw was found in vm2 before 3.11.0. The CallSite wrapper blocks getThis and getFunction but returns unsanitized host absolute paths from getFileName, allowing sandboxed code to learn host directory layout, library paths, and framework versions. Fixed in 3.11.0...

5.8CVSS5.8AI score0.00241EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.14 views

ArmCode Arm Whois 安全漏洞

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of Arm Whois contains a security vulnerability; this vulnerability stems from a buffer overflow, which could allow local attackers to cause the application to crash by providing excessively long input...

6.9CVSS6AI score0.0014EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:4052)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4052 advisory. - kubernetes: Bearer tokens written to logs at high verbosity levels = 7 CVE-2019-11250 Note that Nessus has not tested for this issue but ha...

6.5CVSS7.3AI score0.01766EPSS
Exploits0References5
Fedora
Fedora
added 2026/04/28 1:35 a.m.11 views

[SECURITY] Fedora 44 Update: python3.11-3.11.15-4.fc44

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

9.1CVSS5.4AI score0.00621EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

RHEL 8 : python3.11 (RHSA-2026:9591)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9591 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.1CVSS5.8AI score0.00308EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.6 views

RockyLinux 9 : python3.11 (RLSA-2026:6286)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6286 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

7.1CVSS5.8AI score0.00308EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 5:16 p.m.6 views

CVE-2025-65734

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

5.4CVSS0.00242EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/16 12:0 a.m.2 views

CVE-2025-65734

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

6.2AI score0.00242EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/16 12:0 a.m.27 views

CVE-2025-65734

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

0.00242EPSS
Exploits1References4
OSV
OSV
added 2026/03/12 1:48 p.m.8 views

CLSA-2026-1773323311 python3.11: Fix of CVE-2025-6075

CVE-2025-6075: fix quadratic complexity in os.path.expandvars...

5.5CVSS6AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 10:9 a.m.7 views

RHSA-2026:1704 Red Hat Security Advisory: python3.11-urllib3 security update

Bulletin has no description...

7.5CVSS5.1AI score0.02667EPSS
Exploits0References21
OSV
OSV
added 2026/02/06 10:8 a.m.6 views

RHSA-2026:2084 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

7.5CVSS4.9AI score0.01525EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : python3.11-3.11.5-1.el9_3 (AXSA:2023-6966:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6966:07 advisory. python: tarfile module directory traversal CVE-2007-4559 python: file path truncation at \0 characters CVE-2023-41105 Tenable has extracted the...

9.8CVSS7.8AI score0.27095EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002067 advisory. drivers/hid/hid-ntrig.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDNTRIG is enabled, allows physically proximate...

4.7CVSS7.8AI score0.0038EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.7 views

PT-2025-44764

Name of the Vulnerable Software and Affected Versions NetSurf version 3.11 Description NetSurf version 3.11 contains a Use After Free issue within the dom node set text content function. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

6.5CVSS6.5AI score0.00296EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.6 views

NetSurf 安全漏洞

NetSurf is a lightweight browser from the NetSurf organization. A security vulnerability exists in NetSurf version v3.11 that originates from reading uninitialized heap memory when creating a domevent structure...

6.5CVSS6.5AI score0.00337EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.7 views

PT-2025-44770

Name of the Vulnerable Software and Affected Versions Netsurf version 3.11 Description An issue exists in NetSurf version 3.11 where the application reads uninitialized heap memory during the creation of a dom event structure. Recommendations At the moment, there is no information about a newer...

6.5CVSS6.5AI score0.00337EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/10/25 12:0 a.m.9 views

Fedora 43 : python3.11 (2025-604874b148)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-604874b148 advisory. Update to 3.11.14 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

5.6AI score
Exploits0References1
Rows per page
Query Builder