Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2005-1 |
|
Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2… | trac | 2005-12-31T05:00:00Z | 2021-07-16T01:31:33.917972Z |
| pysec-2006-1 |
|
Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 … | cherrypy | 2006-02-22T02:02:00Z | 2021-07-05T00:01:17.388273Z |
| pysec-2006-4 |
|
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote atta… | extractor | 2006-05-18T23:02:00Z | 2024-11-25T22:09:33.909779Z |
| pysec-2006-7 |
|
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw… | zope2 | 2006-07-07T23:05:00Z | 2024-11-21T14:23:03.576588Z |
| pysec-2006-2 |
|
Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrust… | trac | 2006-07-21T14:03:00Z | 2021-07-16T01:31:33.987147Z |
| pysec-2006-8 |
|
The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not … | zope2 | 2006-09-19T18:07:00Z | 2024-11-21T14:23:03.63347Z |
| pysec-2006-5 |
|
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 … | Plone | 2006-09-29T19:07:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2006-9 |
|
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 … | plone | 2006-09-29T19:07:00Z | 2026-05-20T09:19:11.014396Z |
| pysec-2006-3 |
|
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows … | trac | 2006-11-14T19:07:00Z | 2021-07-16T01:31:34.062903Z |
| pysec-2006-10 |
|
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member regis… | plone | 2006-12-07T23:28:00Z | 2026-05-20T09:19:10.953251Z |
| pysec-2006-6 |
|
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member regis… | Plone | 2006-12-07T23:28:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2007-2 |
|
Cross-site scripting (XSS) vulnerability in the "download wiki page as text" feature in T… | trac | 2007-03-10T22:19:00Z | 2021-07-16T01:31:34.136788Z |
| pysec-2007-3 |
|
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attach… | trac | 2007-03-10T22:19:00Z | 2021-07-16T01:31:34.212521Z |
| pysec-2007-1 |
|
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as … | django | 2007-10-30T19:46:00Z | 2021-07-15T02:22:07.728618Z |
| pysec-2007-4 |
|
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrar… | plone | 2007-11-07T21:46:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-3 |
|
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py i… | cherrypy | 2008-01-12T02:46:00Z | 2021-07-16T01:31:05.763719Z |
| pysec-2008-8 |
|
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not… | paramiko | 2008-01-16T23:00:00Z | 2021-08-27T03:22:10.050129Z |
| pysec-2008-14 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 a… | Plone | 2008-03-20T00:44:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-15 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 a… | plone | 2008-03-20T00:44:00Z | 2026-05-20T09:19:11.075428Z |
| pysec-2008-10 |
|
The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows att… | roundup | 2008-03-24T22:44:00Z | 2021-08-27T03:22:19.634629Z |
| pysec-2008-9 |
|
Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and atta… | roundup | 2008-03-24T22:44:00Z | 2021-08-27T03:22:19.598501Z |
| pysec-2008-12 |
|
The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non… | moin | 2008-04-25T06:05:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-1 |
|
Cross-site scripting (XSS) vulnerability in the login form in the administration applicat… | django | 2008-05-23T15:32:00Z | 2021-07-15T02:22:07.778598Z |
| pysec-2008-11 |
|
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-… | exiv2 | 2008-06-13T19:41:00Z | 2024-11-21T14:22:45.866207Z |
| pysec-2008-4 |
|
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote atta… | trac | 2008-07-27T22:41:00Z | 2021-07-16T01:31:34.307332Z |
| pysec-2008-5 |
|
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows … | trac | 2008-07-27T22:41:00Z | 2021-07-16T01:31:34.385513Z |
| pysec-2008-13 |
|
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (a… | moin | 2008-07-30T18:41:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2008-2 |
|
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP… | django | 2008-09-04T17:41:00Z | 2021-07-15T02:22:07.826825Z |
| pysec-2008-6 |
|
Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of ser… | trac | 2008-12-17T18:30:00Z | 2021-07-16T01:31:34.451441Z |
| pysec-2008-7 |
|
Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attac… | trac | 2008-12-17T18:30:00Z | 2021-07-16T01:31:34.677272Z |