Lucene search
K

7035 matches found

PyPA
PyPA
•added 2018/03/13 3:29 p.m.•9 views

PYSEC-2018-112

Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. This attack appear to be exploitable via By sending a malformed JSON, the tool responds with a traceback error that leaks a path of the...

5.3CVSS6.9AI score0.01279EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2018/03/13 3:29 p.m.•8 views

PYSEC-2018-110

Ajenti version version 2 contains a Input Validation vulnerability in ID string on Get-values POST request that can result in Server Crashing. This attack appear to be exploitable via An attacker can freeze te server by sending a giant string to the ID parameter...

7.5CVSS6.9AI score0.01162EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2018/03/13 3:29 p.m.•9 views

PYSEC-2018-111

Ajenti version version 2 contains a Cross ite Request Forgery CSRF vulnerability in the command execution panel of the tool used to manage the server. that can result in Code execution on the server . This attack appear to be exploitable via Being a CSRF, victim interaction is needed, when the...

8.8CVSS7.5AI score0.01252EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2018/03/12 7:29 p.m.•9 views

PYSEC-2018-108

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

9.8CVSS7.2AI score0.0178EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2018/03/09 8:29 p.m.•6 views

PYSEC-2018-5

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

5.3CVSS7.1AI score0.04772EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2018/03/09 8:29 p.m.•7 views

PYSEC-2018-6

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

5.3CVSS7AI score0.0462EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2018/03/09 4:29 p.m.•7 views

PYSEC-2018-115

Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbitrary files via unspecified vectors...

5.3CVSS6.9AI score0.02509EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/03/09 4:29 p.m.•7 views

PYSEC-2018-114

Jubatus 1.0.2 and earlier allows remote code execution via unspecified vectors...

7.5CVSS8.2AI score0.02095EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/03/07 11:29 p.m.•8 views

PYSEC-2018-51

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized...

9.8CVSS6.9AI score0.02195EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/02/26 10:29 p.m.•7 views

PYSEC-2018-78

uWSGI before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, allowing directory traversal...

7.5CVSS6.9AI score0.69907EPSS
Exploits5References4Affected Software1
PyPA
PyPA
•added 2018/02/18 3:29 a.m.•9 views

PYSEC-2018-68

An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members not in the whitelisted groups to create accounts on...

8.8CVSS7.1AI score0.01771EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/02/18 3:29 a.m.•7 views

PYSEC-2018-151

An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members not in the whitelisted groups to create accounts on...

8.8CVSS7.1AI score0.01771EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/02/12 10:29 p.m.•7 views

PYSEC-2018-121

In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file...

6.5CVSS6.7AI score0.01173EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2018/02/12 10:29 p.m.•6 views

PYSEC-2018-122

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file...

8.1CVSS6.8AI score0.01834EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2018/02/12 10:29 p.m.•6 views

PYSEC-2018-123

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

6.5CVSS6.8AI score0.02172EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2018/02/12 10:29 p.m.•6 views

PYSEC-2018-124

In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...

6.5CVSS7.1AI score0.01581EPSS
Exploits2References4Affected Software1
PyPA
PyPA
•added 2018/02/08 11:29 p.m.•6 views

PYSEC-2018-105

Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3...

8.8CVSS6.9AI score0.01938EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/02/05 3:29 a.m.•6 views

PYSEC-2018-4

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirmloginallowed method, as demonstrated by discovering whether a user account is inactive...

7.5CVSS6.6AI score0.04897EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2018/02/03 9:29 p.m.•5 views

PYSEC-2018-7

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

9.1CVSS7AI score0.02659EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2018/02/03 3:29 p.m.•7 views

PYSEC-2018-97

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...

7.5CVSS6.5AI score0.0211EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2018/01/18 9:29 p.m.•5 views

PYSEC-2018-13

An issue was discovered in markdown2 aka python-markdown2 through 2.3.5. The safemode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '' character...

6.1CVSS6.3AI score0.00812EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/01/18 7:29 a.m.•7 views

PYSEC-2018-145

In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...

5.5CVSS6.5AI score0.01865EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2018/01/08 7:29 p.m.•5 views

PYSEC-2018-33

init.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file...

5.5CVSS6.2AI score0.00447EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2018/01/08 7:29 p.m.•7 views

PYSEC-2018-34

1 core/tests/testmemmap.py, 2 core/tests/testmultiarray.py, 3 f2py/f2py2e.py, and 4 lib/tests/testio.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file...

5.5CVSS6.2AI score0.00471EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2018/01/03 8:29 p.m.•9 views

PYSEC-2018-73

By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the attacker could more easily link directly to his own website instead. But in combination with another attack, you could be sent to the Plone login fo...

6.1CVSS6.8AI score0.00739EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/01/03 6:29 p.m.•8 views

PYSEC-2018-72

Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...

6.5CVSS6.9AI score0.00923EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/01/03 6:29 p.m.•8 views

PYSEC-2018-71

A member of the Plone 2.5-5.1rc1 site could set javascript in the homepage property of his profile, and have this executed when a visitor click the home page link on the author page...

5.4CVSS6.8AI score0.00559EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/01/03 6:29 p.m.•8 views

PYSEC-2018-70

When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'camefrom' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafte...

6.1CVSS6.7AI score0.0068EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2018/01/03 9:29 a.m.•5 views

PYSEC-2018-144

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...

5.5CVSS6.8AI score0.01488EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2018/01/02 11:29 p.m.•6 views

PYSEC-2018-48

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...

8.1CVSS7AI score0.0252EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2017/12/31 7:29 p.m.•7 views

PYSEC-2017-141

Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file...

5.5CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2017/12/29 3:29 p.m.•6 views

PYSEC-2017-18

Cross-site scripting XSS vulnerability in the keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument...

6.1CVSS6.1AI score0.02216EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2017/12/13 10:29 p.m.•9 views

PYSEC-2017-140

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...

5.5CVSS7AI score0.01598EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2017/12/12 1:29 a.m.•6 views

PYSEC-2017-77

The swriaudioconvert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted audio file...

6.5CVSS6.7AI score0.01055EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2017/12/12 1:29 a.m.•6 views

PYSEC-2017-76

A NULL pointer dereference DoS Vulnerability was found in the function aubiosourceavcodecreadframe in io/sourceavcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file...

5.5CVSS6.7AI score0.00739EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2017/12/07 6:29 p.m.•6 views

PYSEC-2017-90

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

10CVSS7.4AI score0.06331EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2017/11/29 7:29 a.m.•6 views

PYSEC-2017-75

In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...

5.5CVSS6.8AI score0.00835EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2017/11/27 10:29 a.m.•9 views

PYSEC-2017-149

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

9.3CVSS7.1AI score0.05978EPSS
Exploits0References8
PyPA
PyPA
•added 2017/11/21 5:29 p.m.•7 views

PYSEC-2017-4

A flaw was found in the way Ansible 2.3.x before 2.3.3, and 2.4.x before 2.4.1 passed certain parameters to the jenkinsplugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in th...

9.8CVSS6.4AI score0.0353EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2017/11/21 1:29 p.m.•9 views

PYSEC-2017-84

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving unhashed tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allow...

9.8CVSS7.1AI score0.08354EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2017/11/17 10:29 p.m.•5 views

PYSEC-2017-116

Exiv2 0.26 contains a heap buffer overflow in tiff parser...

5.5CVSS7.5AI score0.00992EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2017/11/17 10:29 p.m.•7 views

PYSEC-2017-117

Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser...

5.5CVSS6.9AI score0.01119EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2017/11/17 10:29 p.m.•6 views

PYSEC-2017-115

exiv2 0.26 contains a Stack out of bounds read in webp parser...

5.5CVSS6.9AI score0.01062EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2017/11/17 4:29 a.m.•7 views

PYSEC-2017-26

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...

5.3CVSS6.9AI score0.00905EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2017/11/13 5:29 p.m.•6 views

PYSEC-2017-68

The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources...

9.8CVSS7AI score0.02594EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2017/11/10 9:29 a.m.•7 views

PYSEC-2017-78

An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command execution. An...

9.8CVSS8AI score0.04435EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2017/11/10 9:29 a.m.•7 views

PYSEC-2017-40

Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring...

7.5CVSS7.1AI score0.02426EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2017/11/10 9:29 a.m.•7 views

PYSEC-2017-79

An exploitable vulnerability exists in the YAML parsing functionality in the readyamlfile method in ioutils.py in djangomakeapp 0.1.3. A YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigger this vulnerability...

9.8CVSS8AI score0.03098EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2017/11/08 3:29 a.m.•9 views

PYSEC-2017-22

An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file aka loadyaml or loadyamlf can execute arbitrary Python commands resulting in command execution because load is used where safeload should have been used. An...

9.8CVSS7.9AI score0.04435EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2017/11/08 3:29 a.m.•7 views

PYSEC-2017-19

An exploitable vulnerability exists in the YAML parsing functionality in the parseyamlquery method in parser.py in MLAlchemy before 0.2.2. When processing YAML-Based queries for data, a YAML parser can execute arbitrary Python commands resulting in command execution because load is used where...

9.8CVSS8AI score0.03415EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities7035