
2127 matches found

OSV
added 2026/03/18 12:16 a.m., 2 views

DEBIAN-CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user-provided callback to set_tlsext_servername_callback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

CVSS 5.3 | AI score 5.3 | EPSS 0.00043
Exploits: 0 | References: 1
NVD
added 2026/03/18 12:16 a.m., 3 views

CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user-provided callback to set_cookie_generate_callback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL-provided buffer. Starting in version 26.0....

CVSS 9.8 | EPSS 0.00027
Exploits: 0 | References: 3
UbuntuCve
added 2026/03/18 12:0 a.m., 2 views

CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user-provided callback to set_cookie_generate_callback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL-provided buffer. Starting in version 26.0....

CVSS 9.8 | AI score 5.9 | EPSS 0.00027
Exploits: 0 | References: 3
Vulnrichment
added 2026/03/17 11:24 p.m., 1 views

CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user-provided callback to set_tlsext_servername_callback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

CVSS 6.3 | AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 3
EUVD
added 2026/03/16 9:34 p.m., 1 views

EUVD-2025-208773

A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...

AI score 6.1 | EPSS 0.00367
Exploits: 0 | References: 5
OSSF Malicious Packages
added 2026/03/16 10:13 a.m., 1 views

Malicious code in changelog-logger-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07f02cb66d1d05ebc1ce27c24e2a54922ecfdc8a1fba1117fc8b305026621ad The package changelog-logger-wrapper was found to contain malicious code. Source: ghsa-malware...

AI score 5.7
Exploits: 0 | References: 1
OSV
added 2026/03/16 10:13 a.m., 0 views

MAL-2026-1460 Malicious code in changelog-logger-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07f02cb66d1d05ebc1ce27c24e2a54922ecfdc8a1fba1117fc8b305026621ad The package changelog-logger-wrapper was found to contain malicious code. Source: ghsa-malware...

AI score 5.7
Exploits: 0 | References: 1
Snyk
added 2026/03/16 10:13 a.m., 1 views

Malicious Package

Overview: changelog-logger-wrapper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 2
ATTACKERKB
added 2026/03/16 12:0 a.m., 1 views

CVE-2025-69902

A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...

AI score 6.1 | EPSS 0.00367
Exploits: 0 | References: 5
Cvelist
added 2026/03/16 12:0 a.m., 19 views

CVE-2025-69902

A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...

EPSS 0.00367
Exploits: 0 | References: 4
CVE
added 2026/03/16 12:0 a.m., 7 views

CVE-2025-69902

CVE-2025-69902 affects kubectl-mcp-server (minimal_wrapper.py) v1.2.0 where an attacker can inject shell metacharacters to achieve command injection. The Red Hat/NVD/CVE entries confirm a vulnerability in minimal_wrapper.py with potential arbitrary command execution, rated critical (CVSSv3.1: AV:...

CVSS 9.8 | AI score 6.1 | EPSS 0.00367
Exploits: 0 | References: 4
Github Security Blog
added 2026/03/13 3:47 p.m., 2 views

OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv

Summary: In affected versions of openclaw, node-host system.run approvals could display only an extracted shell payload such as jq --version while execution still ran a different outer wrapper argv such as ./env sh -c 'jq --version'. Impact: This is an approval-integrity bug. An attacker who could...

CVSS 8 | AI score 6.1 | EPSS 0.00018
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2026/03/13 3:47 p.m., 2 views

GHSA-RW39-5899-8MXP OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv

Summary: In affected versions of openclaw, node-host system.run approvals could display only an extracted shell payload such as jq --version while execution still ran a different outer wrapper argv such as ./env sh -c 'jq --version'. Impact: This is an approval-integrity bug. An attacker who could...

CVSS 7.1 | AI score 6.1 | EPSS 0.00018
Exploits: 0 | References: 5
Snyk
added 2026/03/12 10:39 p.m., 3 views

Stack-based Buffer Overflow

Overview: Magick.NET-Q16-OpenMP-x64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVSS 6.7 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 2
Snyk
added 2026/03/12 2:9 p.m., 4 views

Heap-based Buffer Overflow

Overview: Magick.NET-Q8-AnyCPU is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 8.2 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 2
Github Security Blog
added 2026/03/09 7:54 p.m., 6 views

OpenClaw: system.run wrapper-depth boundary could skip shell approval gating

OpenClaw's system.run dispatch-wrapper handling applied different depth-boundary rules to shell-wrapper approval detection and execution planning. With exactly four transparent dispatch wrappers such as repeated env invocations before /bin/sh -c, the approval classifier could stop treating the...

CVSS 5.3 | AI score 5.9 | EPSS 0.00016
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2026/03/09 7:54 p.m., 2 views

GHSA-R6QF-8968-WJ9Q OpenClaw: system.run wrapper-depth boundary could skip shell approval gating

OpenClaw's system.run dispatch-wrapper handling applied different depth-boundary rules to shell-wrapper approval detection and execution planning. With exactly four transparent dispatch wrappers such as repeated env invocations before /bin/sh -c, the approval classifier could stop treating the...

CVSS 5.3 | AI score 5.9 | EPSS 0.00016
Exploits: 0 | References: 6
Github Security Blog
added 2026/03/09 7:53 p.m., 6 views

OpenClaw's system.run allowlist approval parsing missed PowerShell encoded-command wrappers

OpenClaw's system.run shell-wrapper detection did not recognize PowerShell -EncodedCommand forms as inline-command wrappers. In allowlist mode, a caller with access to system.run could invoke pwsh or powershell using -EncodedCommand, -enc, or -e, and the request would fall back to plain argv...

AI score 5.9
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/03/09 7:53 p.m., 1 views

GHSA-3H2Q-J2V4-6W5R OpenClaw's system.run allowlist approval parsing missed PowerShell encoded-command wrappers

OpenClaw's system.run shell-wrapper detection did not recognize PowerShell -EncodedCommand forms as inline-command wrappers. In allowlist mode, a caller with access to system.run could invoke pwsh or powershell using -EncodedCommand, -enc, or -e, and the request would fall back to plain argv...

CVSS 5 | AI score 5.9
Exploits: 0 | References: 4
Fedora
added 2026/03/04 1:26 a.m., 6 views

[SECURITY] Fedora 42 Update: python-apt-3.1.0-1.fc42

python-apt is a wrapper to use features of APT from Python...

CVSS 6.9 | AI score 5.9 | EPSS 0.0004
Exploits: 1