Lucene search
K

5612 matches found

PyPA
PyPA
•added 2020/01/23 9:15 p.m.•6 views

PYSEC-2020-90

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT overwrite some content without needing write permission...

9.8CVSS7.2AI score0.02258EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/01/22 7:15 p.m.•6 views

PYSEC-2020-178

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.5CVSS6.8AI score0.02122EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/01/22 2:15 a.m.•7 views

PYSEC-2020-174

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy...

6.9CVSS6.9AI score0.00671EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/01/17 2:15 a.m.•4 views

PYSEC-2020-177

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...

9.8CVSS8.3AI score0.15106EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2020/01/15 9:15 p.m.•5 views

PYSEC-2020-235

python-markdown2 before 1.0.1.14 has multiple cross-site scripting XSS issues...

6.1CVSS6.2AI score0.00766EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/01/15 3:15 p.m.•6 views

PYSEC-2020-339

XML external entity XXE vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format AMF payload...

7.1CVSS7AI score0.01378EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2020/01/14 8:15 p.m.•10 views

PYSEC-2020-175

In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user at least more than the current one which have his "TempPath" resolving to a world...

7.8CVSS6.9AI score0.00689EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2020/01/14 7:15 p.m.•6 views

PYSEC-2020-146

TUF aka The Update Framework 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption...

5.3CVSS7AI score0.01403EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/01/14 5:15 p.m.•6 views

PYSEC-2020-162

In Apache Airflow before 1.10.5 when running with the "classic" UI, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. The new "RBAC" UI is unaffected...

4.8CVSS7.3AI score0.01871EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/01/13 7:15 p.m.•6 views

PYSEC-2020-94

PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping XSW. The signature information and the node/object that is signed can be in different places and thus the signature...

7.5CVSS6.8AI score0.01207EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2020/01/09 1:15 p.m.•5 views

PYSEC-2020-198

Ansible prior to 1.5.4 mishandles the evaluation of some strings...

7.5CVSS6.9AI score0.0118EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/01/05 10:15 p.m.•5 views

PYSEC-2020-172

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux...

7.5CVSS6.9AI score0.02118EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2020/01/03 1:15 a.m.•6 views

PYSEC-2020-81

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...

8.8CVSS6.9AI score0.01975EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2020/01/03 1:15 a.m.•6 views

PYSEC-2020-82

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...

9.8CVSS7.2AI score0.04212EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2020/01/03 1:15 a.m.•5 views

PYSEC-2020-84

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow...

7.1CVSS7.2AI score0.02752EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2020/01/03 1:15 a.m.•8 views

PYSEC-2020-83

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow...

9.8CVSS7.2AI score0.0369EPSS
Exploits0References13Affected Software1
PyPA
PyPA
•added 2020/01/02 7:15 p.m.•7 views

PYSEC-2020-218

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

6.1CVSS6AI score0.01395EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2020/01/02 6:15 p.m.•8 views

PYSEC-2020-245

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.9CVSS6.9AI score0.00413EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/01/02 3:15 p.m.•8 views

PYSEC-2020-163

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable...

9.1CVSS6.5AI score0.01596EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/01/02 3:15 p.m.•6 views

PYSEC-2020-160

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag nolog set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data...

6.5CVSS6.8AI score0.01857EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2019/12/26 11:15 p.m.•6 views

PYSEC-2019-112

In Archery before 1.3, inserting an XSS payload into a project name either by creating a new project or editing an existing one will result in stored XSS on the vulnerability-scan scheduling page...

5.4CVSS6.2AI score0.00761EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2019/12/26 5:15 p.m.•11 views

PYSEC-2019-138

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special...

8.2CVSS6.5AI score0.02587EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2019/12/20 11:15 p.m.•6 views

PYSEC-2019-136

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.5CVSS6.8AI score0.02714EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2019/12/20 11:15 p.m.•5 views

PYSEC-2019-137

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.7AI score0.02545EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2019/12/18 7:15 p.m.•7 views

PYSEC-2019-16

Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address that is equal to an existing user's email address after case transformation of Unicode characters would allow an attacker to be sent a password reset token for the matched user...

9.8CVSS7AI score0.3481EPSS
Exploits7References11Affected Software1
PyPA
PyPA
•added 2019/12/18 6:15 p.m.•7 views

PYSEC-2019-254

In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. Also, anonymous access can be achieved in applications that do not have a user login area...

6.5CVSS7AI score0.14706EPSS
Exploits9References7Affected Software1
PyPA
PyPA
•added 2019/12/16 10:15 p.m.•5 views

PYSEC-2019-172

In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...

5.3CVSS6.7AI score0.02779EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2019/12/16 10:15 p.m.•6 views

PYSEC-2019-173

In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab...

5.3CVSS6.9AI score0.02707EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2019/12/16 9:15 p.m.•6 views

PYSEC-2019-209

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS7.4AI score0.00777EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2019/12/16 9:15 p.m.•9 views

PYSEC-2019-234

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS7.4AI score0.00777EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2019/12/16 9:15 p.m.•7 views

PYSEC-2019-227

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS7.4AI score0.00777EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2019/12/15 10:15 p.m.•5 views

PYSEC-2019-200

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS7AI score0.03615EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2019/12/10 8:15 p.m.•9 views

PYSEC-2019-251

The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to perform a denial of service against the DMARC reporting functionality, such as by referencing the /dev/random file within XML...

7.5CVSS7.2AI score0.01465EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2019/12/10 8:15 p.m.•9 views

PYSEC-2019-105

The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to perform a denial of service against the DMARC reporting functionality, such as by referencing the /dev/random file within XML...

7.5CVSS7.2AI score0.01465EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2019/12/10 3:15 p.m.•7 views

PYSEC-2019-161

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass...

9.8CVSS7AI score0.01696EPSS
Exploits1References10Affected Software1
PyPA
PyPA
•added 2019/12/10 3:15 p.m.•7 views

PYSEC-2019-197

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS7AI score0.01764EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2019/12/09 9:15 p.m.•7 views

PYSEC-2019-154

The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294...

5.9CVSS7AI score0.02833EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2019/12/09 6:15 p.m.•5 views

PYSEC-2019-29

OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforcescope is false. Users with a role on a project are able to view any other users' credentials,...

8.8CVSS6.5AI score0.0178EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2019/12/05 1:15 a.m.•8 views

PYSEC-2019-134

The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6...

7.8CVSS6.8AI score0.01171EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2019/12/02 2:15 p.m.•8 views

PYSEC-2019-15

Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests,...

6.5CVSS6.8AI score0.01656EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2019/11/29 5:15 p.m.•7 views

PYSEC-2019-135

When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0...

8.8CVSS7AI score0.01162EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2019/11/27 9:15 a.m.•5 views

PYSEC-2019-28

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function berscanf was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger...

8.8CVSS7.3AI score0.06329EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2019/11/27 8:15 a.m.•7 views

PYSEC-2019-22

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...

6.5CVSS6.6AI score0.01412EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2019/11/27 8:15 a.m.•7 views

PYSEC-2019-168

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...

6.5CVSS6.6AI score0.01412EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2019/11/26 3:15 p.m.•6 views

PYSEC-2019-130

typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...

7.5CVSS6.9AI score0.03255EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2019/11/26 3:15 p.m.•6 views

PYSEC-2019-131

typedast 1.3.0 and 1.3.1 has an astforarguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that pars...

7.5CVSS6.9AI score0.03255EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2019/11/26 2:15 p.m.•7 views

PYSEC-2019-146

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None...

6.5CVSS6.9AI score0.01649EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2019/11/26 1:15 p.m.•8 views

PYSEC-2019-177

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

7.5CVSS6.6AI score0.02505EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2019/11/25 4:15 p.m.•7 views

PYSEC-2019-3

A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...

6.5CVSS6.5AI score0.01853EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2019/11/25 1:15 p.m.•5 views

PYSEC-2019-182

Python keyring has insecure permissions on new databases allowing world-readable files to be created...

6.2CVSS7AI score0.0045EPSS
Exploits0References7Affected Software1
Total number of security vulnerabilities5612