Lucene search
+L

288 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/10 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: python3 (CVE-2024-9287)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9287 advisory. - A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a...

7.8CVSS6.7AI score0.00647EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/03/08 8:0 a.m.4 views

Virtual environment (venv) activation scripts don't quote paths

...

7.8CVSS7.3AI score0.00647EPSS
Exploits0
Amazon
Amazon
added 2025/03/06 12:0 a.m.4 views

Medium: python3.11

Issue Overview: A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means...

7.8CVSS7.8AI score0.01499EPSS
Exploits0
Huntr
Huntr
added 2025/03/02 3:6 a.m.7 views

Privilege escalation from writing file into temporary directory to arbitrary code execution

Description The MLFlow temporary directory gets assigned insecure world-writable permissions 0o777. def getorcreatetmpdir: """ Get or create a temporary directory which will be removed once python process exit. """ from mlflow.utils.databricksutils import getreplid, isindatabricksruntime if...

7CVSS7.4AI score0.00215EPSS
Exploits1
Veeam
Veeam
added 2025/02/24 12:0 a.m.71 views

Granular sudo Permissions for Veeam Plug-in for Proxmox VE

Purpose This article provides an example granular 'sudoers' configuration for the Linux account that will be used by Veeam Backup & Replication when managing a Proxmox VE host. Solution Critical Details Before You Begin Review all Considerations and Limitations in the user guide! Most noteworthy:...

5.9AI score
Exploits0Affected Software1
Veeam
Veeam
added 2025/02/24 12:0 a.m.24 views

Release Information for Proxmox Virtual Environment Plug-In v12.1.3.217

Update: 2025-03-19 Consider the following regarding the Proxmox Virtual Environment Plug-In: The Plug-in build on this page, 12.1.3.217, is included automatically when upgrading to or installing Veeam Backup & Replication 12.3.1. The Plug-in only needs to be manually deployed by customers still...

6.6AI score
Exploits0Affected Software2
OSV
OSV
added 2025/02/21 10:17 a.m.6 views

CLSA-2025-1740133056 python3: Fix of CVE-2024-9287

CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References1
OSV
OSV
added 2025/02/21 10:0 a.m.13 views

CLSA-2025-1740132042 python3: Fix of CVE-2024-9287

CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2025/02/11 11:40 p.m.15 views

K000149756: Python vulnerability CVE-2024-9287

Security Advisory Description A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source...

7.8CVSS7.8AI score0.00647EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.8 views

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2025-1195)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.12 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-39483)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39483 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff...

5.5CVSS5.9AI score0.00211EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/02/10 12:0 a.m.9 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1162)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.00647EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.4 views

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-1162)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 11:0 a.m.15 views

CVE-2024-21545

Proxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against malicious API response values allow authenticated attackers with 'Sys.Audit' or 'VM.Monitor' privileges to download arbitrary host files via the API. When handli...

8.2CVSS6.6AI score0.00366EPSS
Exploits1References1
OSV
OSV
added 2025/01/17 3:5 p.m.12 views

BIT-PYTHON-MIN-2024-9287 Virtual environment (venv) activation scripts don't quote paths

A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...

7.8CVSS7.2AI score0.00647EPSS
Exploits0References13
Redos
Redos
added 2025/01/14 12:0 a.m.7 views

ROS-20250114-11

The vulnerability of the Python virtualenv virtual environment constructor activation scripts is related to the failure to take steps to neutralize special elements used by the operating system command. measures to neutralize special elements used in the operating system command. Exploitation...

8.4CVSS7.6AI score0.0157EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.17 views

RHEL 9 : python3.11 (RHSA-2025:0280)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0280 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.8CVSS7AI score0.00647EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/01/13 11:40 a.m.21 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/01/09 3:36 p.m.5 views

Security update for python312

This update for python312 fixes the following issues: Properly quote path names provided when creating a virtual environment bsc1232241, CVE-2024-9287 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.5CVSS7.5AI score0.00647EPSS
Exploits0References4
OSV
OSV
added 2025/01/09 3:36 p.m.10 views

SUSE-SU-2025:0048-1 Security update for python312

This update for python312 fixes the following issues: - Properly quote path names provided when creating a virtual environment bsc1232241, CVE-2024-9287...

7.8CVSS6.4AI score0.00647EPSS
Exploits0References3
Rows per page
Query Builder