Lucene search
K

7035 matches found

PyPA
PyPA
added 6 days ago4 views

Out-of-bounds Read in OpenCV

OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the...

8.8CVSS6.7AI score0.0197EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 6 days ago3 views

SSRF attacks via tracebacks in Plone

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS...

6.1CVSS6.4AI score0.00773EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 6 days ago4 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS...

6.1CVSS6.4AI score0.00773EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 6 days ago3 views

Open Redirect in Apache Superset

Apache Superset prior to 1.1.0 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link...

6.1CVSS6.4AI score0.63768EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 6 days ago4 views

SSRF attacks via tracebacks in Plone

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Improper Input Validation in OpenCV

OpenCV 3.0.0 allows remote attackers to cause a denial of service segfault via vectors involving corrupt chunks. This issue was fixed in OpenCV version 3.3.1 corresponding to OpenCV 3.3.1.11...

5.5CVSS6.5AI score0.01031EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Double Free in OpenCV

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. This issue was fixed in OpenCV version 3.3.1 corresponding to OpenCV-Python and and OpenCV-Contrib-Python 3.3.1.11...

8.8CVSS6.9AI score0.02337EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 6 days ago5 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

SSRF attacks via tracebacks in Plone

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Open Redirect vulnerability in jupyterhub and notebook

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers Chrome, Firefox in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a baseurl prefix are not affecte...

6.1CVSS6.6AI score0.01741EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 6 days ago2 views

Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool

Cross-site scripting XSS vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6.2AI score0.02367EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 6 days ago4 views

Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool

Cross-site scripting XSS vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6.2AI score0.02367EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 6 days ago4 views

Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts

plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011...

7.1CVSS6.2AI score0.01579EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 6 days ago3 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago3 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 6 days ago4 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-3446

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260401.0, the OpenCTI GraphQL API exposes a script filter operator in its FilterOperator enum that allows any authenticated user with the KNOWLEDGE capability to pass user-supplied...

6.5CVSS6.1AI score0.0037EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added last week6 views

PYSEC-2026-3445

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...

7.1CVSS6.1AI score0.00252EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-3444

httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week8 views

PYSEC-2026-2323

Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbidexternal is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is fix...

5.9CVSS6.1AI score0.00252EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added last week5 views

PYSEC-2026-2213

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work in src/mistune/inlineparser.py because the parser scans forward for matching close markers from...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-2216

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/blockparser.py and the reflinks environment dictionary handling, allowing denial of service...

7.5CVSS6.1AI score0.00366EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week6 views

PYSEC-2026-2217

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safeurl filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:...

6.1CVSS6.2AI score0.00198EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-2212

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Include.parse joins and normalizes user-supplied include paths without verifying that the result remains within the intended markdown directory, allowing crafted include paths to access files outside that directory wh...

5.9CVSS6.1AI score0.0034EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-2214

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...

6.1CVSS6AI score0.00191EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added last week5 views

PYSEC-2026-2215

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...

5.3CVSS6.1AI score0.00307EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week4 views

PYSEC-2026-2218

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable tocN values without slugifying the heading text, allowing attacker-controlled id="tocN" content to collide with generated anchors and...

4.3CVSS6.1AI score0.00128EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week7 views

PYSEC-2026-3447

setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. Prior to 83.0.0, FileList applied MANIFEST.in exclude, global-exclude, recursive-exclude, and prune directives by matching compiled glob patterns against on-disk file names without Unico...

6.1CVSS6.1AI score0.0029EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week5 views

PYSEC-2026-2210

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a run of closed tilde, equals-sign, or caret marker pairs around a character causes quadratic work in src/mistune/plugins/formatting.py when the strikethrough, mark, or insert plugin scans for matching markers from ea...

7.5CVSS6.1AI score0.00366EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week5 views

PYSEC-2026-2211

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safeurl does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version...

6.1CVSS6.2AI score0.00199EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added last week10 views

PYSEC-2026-2089

A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function asyncruncommand of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement...

7.8CVSS5.8AI score0.01338EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:42 p.m.10 views

SageMaker Python SDK has Exposed HMAC

SummarySageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API has been identified. Impact- Function and Payload...

8.7CVSS6.7AI score0.00455EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:42 p.m.10 views

Boltz contains an insecure deserialization vulnerability in its molecule loading functionality

Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...

8.4CVSS6.6AI score0.00143EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:42 p.m.10 views

SageMaker Python SDK has Insecure TLS Configuration

SummarySageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where SSL certificate verification was globally disabled in the Triton Python backend has been found. ImpactArbitrary Code Execution: Disabling SSL verification...

8.7CVSS6.5AI score0.00244EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:42 p.m.10 views

picklescan missing detection by simple obfuscation of a `builtins.eval` call

SummaryAn unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source. DetailsIt's possible to hide the eval call nested under another callable via getattr. PoCpythonimport builtinsclass EvilClass:...

9.8CVSS6.4AI score0.00519EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:42 p.m.11 views

Wagtail has improper permission handling on admin preview endpoints

ImpactDue to a missing permission check on the preview endpoints, a user with access to the Wagtail admin and knowledge of a model's fields can craft a form submission to obtain a preview rendering of any page, snippet or site setting object for which previews are enabled, consisting of any data ...

5.1CVSS5.8AI score0.00343EPSS
Exploits0References15Affected Software1
PyPA
PyPA
added 2026/07/07 4:36 p.m.10 views

Khoj has an IDOR in Notion OAuth Flow that Enables Index Poisoning

SummaryAn IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion...

7.1CVSS6AI score0.00361EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:36 p.m.11 views

pip Path Traversal vulnerability

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

2CVSS5.9AI score0.0039EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:26 p.m.12 views

Malicious code in tiktoken-mcp (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of tiktoken-mcp were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:19 p.m.11 views

Malicious code in ray-mcp-server (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of ray-mcp-server were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:16 p.m.15 views

Malicious code in orchestr8-platform (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of orchestr8-platform were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:12 p.m.11 views

Malicious code in openai-mcp (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of openai-mcp were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:9 p.m.11 views

Malicious code in mem8 (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of mem8 were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:4 p.m.18 views

Malicious code in langchain-core-mcp (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of langchain-core-mcp were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.12 views

Salt Authentication Protocol Version Downgrade Allows Minion Impersonation

Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to prior issues...

7.5CVSS6AI score0.00407EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Unfurl's unbounded zlib decompression allows decompression bomb DoS

SummaryThe compressed data parser uses zlib.decompress without a maximum output size. A small, highly compressed payload can expand to a very large output, causing memory exhaustion and denial of service. Details- unfurl/parsers/parsecompressed.py calls zlib.decompressdecoded with no size limit.-...

8.7CVSS6AI score0.00508EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Salt junos Module Vulnerable to Code Injection via Specially Crafted YAML Payload

Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process...

7.8CVSS6.4AI score0.00179EPSS
Exploits0References7Affected Software1
Total number of security vulnerabilities7035