EulerOS 2.0 SP13 : python-virtualenv (EulerOS-SA-2026-1260)
According to the versions of the python-virtualenv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use)...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Time-of-Check to Time-of-Use in virtualenv [CVE-2026-22702]
Summary: IBM Watson Speech Services Cartridge is vulnerable to a Time-of-Check to Time-of-Use in virtualenv, caused by flaws which allow local attackers to perform symlink-based attacks on directory creation operations (CVE-2026-22702). virtualenv is used in our Java microservices. This...
CLSA-2026-1771855894 python-virtualenv: Fix of CVE-2024-53899
CVE-2024-53899: Quote template strings in activation scripts...
CLSA-2026-1771855453 python-virtualenv: Fix of CVE-2024-53899
CVE-2024-53899: Quote template strings in activation scripts...
Amazon Linux 2023 : python3.13-virtualenv (ALAS2023-2026-1428)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1428 advisory. virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform...
Medium: python3.13-virtualenv
Issue Overview: virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access c...
AZL-77910 CVE-2026-1703 affecting package python-virtualenv 20.36.1-1
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
SUSE: Security Advisory (SUSE-SU-2026:20129-1)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2026:0233-1)
The remote host is missing an update for the...
openSUSE 16 Security Update : python-virtualenv (openSUSE-SU-2026:20086-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2026:20086-1 advisory. - CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458). Tenable has extracted the preceding descriptio...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-virtualenv (SUSE-SU-2026:0233-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0233-1 advisory. - CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458)...
OPENSUSE-SU-2026:20086-1 Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: - CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458)...
SUSE-SU-2026:20129-1 Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: - CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458)...
Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper...
SUSE-SU-2026:0233-1 Security update for python-virtualenv
This update for python-virtualenv fixes the following issues: - CVE-2026-22702: Fixed local attacker can redirect file operations via TOCTOU race condition (bsc#1256458)...
AZL-75192 CVE-2026-24049 affecting package python-virtualenv 20.26.6-2
wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...
CVE-2026-22702
A flaw was found in virtualenv, a tool for creating isolated virtual Python environments. A local attacker can exploit a Time-of-Check-Time-of-Use (TOCTOU) race condition during directory creation operations. By performing symlink-based attacks, the attacker can redirect virtualenv's application da...
MiracleLinux 7 : python-virtualenv-15.1.0-4.el7 (AXSA:2020-4513:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4513:01 advisory. - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) - python-urllib3: CRLF injection...
MiracleLinux 8 : python36:3.6 (AXSA:2024-9397:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9397:01 advisory. - virtualenv: potential command injection via virtual environment activation scripts (CVE-2024-53899). Tenable has extracted the preceding description block...
MiracleLinux 7 : python-virtualenv-15.1.0-7.el7 (AXSA:2022-3284:03)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3284:03 advisory. - python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916). Tenable has extracted the preceding description...