Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.
40ada0f71cfe2246d74c5f52c1ed606d4312af2338630c27267a73a8c26a3306Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
0127fca069d9b37d986cb18e84406f7e4e056b54f050f28400442b28945635cbRed Hat Security Advisory 2022-8493-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
830e84737049728164089fedffb46a7456defd19bcdcd6e15286d0fe9df4be79Red Hat Security Advisory 2022-8492-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
6cf3a3fb83078828d12c9df5d5fe73dbfad72c496a535112ea92891acff4047dRed Hat Security Advisory 2022-8226-01 - lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Issues addressed include a null pointer vulnerability.
c7a7d8016e3f6e1bbea20fd6fe23d693073c38fd02b640fad0cb11e1c2e5708eRed Hat Security Advisory 2022-8353-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include information leakage and open redirection vulnerabilities.
625ea5260bb99c4f63602364f0a05f4244de78b2f36f0c62be4b3fe80c971b0aRed Hat Security Advisory 2022-7581-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
f5c969e85fb89a391552f03295f4cf097c926e26a196210f6030b00afa0d9bb9Red Hat Security Advisory 2022-7593-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing.
c9698036ccccf35f38744b451c5bcec4034590ecce5a7afd3260a039f38c1c77Red Hat Security Advisory 2022-7592-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
97028f9f6690e6affeaf2eb450aad8f54b4aeca22ac96bab2be5ae5e1e9d92f2Ubuntu Security Notice 5713-1 - Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges.
519b87950edc14d86138f6d60cc3d5418b913135e7e909f8cc810d2a861e5aeeRed Hat Security Advisory 2022-7323-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
190078feb6bd89868814004daf3ca05548b2eab6d5f0b78c3e2822cd3347cf6fDebian Linux Security Advisory 5269-1 - Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language.
f752ef01084b627e09856d7a86d4d183b378e7a674828118e0fc6145e4675723Debian Linux Security Advisory 5267-1 - Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions.
d4090d5d01e608bb05f0321bed3147663eb2d627ff27188ec0ba8a82517bcbddAPOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. All versions prior to 3.5 are affected.
9cdea8ef198269714420f4181480f5f779bae0a4ceba444e0d250e3b4071220anfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
53ba1723a56c77d936eed734e9d420bbb2e0c430ca907e2df09016bc29a0898cDebian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.
f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6Red Hat Security Advisory 2022-6854-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. Issues addressed include a double free vulnerability.
dff461130a763c1fd068e986dd002fa1af64116943515003ec50ff603edd70a2Red Hat Security Advisory 2022-6766-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
47a2ab29057f9acc5a00ccedf39008056db417722a5523acfc41053f138f98b6Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Python script and it allows us to check the security of a VoIP server using SIP protocol, over UDP, TCP and TLS protocols.
3ede5028958a1effbe95fce1926ba0492f4dc037dcfa74011730bc24129aa41bnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
da5306d28b0076e69391f9795d1074d3ee383e8d2f622006eeab0362afde9021Ubuntu Security Notice 5629-1 - It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic.
8ed17abf4d4b43b1e2bb7cde1858817522b51ed63ec4e2aa8a769c70b7853ef1Red Hat Security Advisory 2022-6457-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
7266239c22b575a90f6bb3ad0f599c5c7156dfbfcf1d73eddfcff1d1b3d2334aUbuntu Security Notice 5519-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
5d14f39f1eb4bd189e0b727ddf12f2568325e99366d052607e964063bdb10d56Ubuntu Security Notice 5508-1 - It was discovered that Python LDAP incorrectly handled certain regular expressions. An remote attacker could possibly use this issue to cause a denial of service.
f2123ae7b34c42916a500633790cc6cc033449bd0068a18dcf66a2edcb4b151eSashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the cryptocurrency trading bot OctoBot which is designed to be easy to use and customizable. Versions 0.4.0beta3 through 0.4.3 are affected.
67657fcc4e1e91fdf6687effb98e5e02419480dc043b1f499700a2140f08b47b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed