Filter
Software
pip/RestrictedPythonRestrictedPython information leakage via `AttributeError.obj` and the `string` module
8.7
First published (updated )
pip/Products.SQLAlchemyDAProducts.SQLAlchemyDA vulnerable to unauthenticated arbitrary SQL query execution
9.8
EPSS
0.13%
First published (updated )
pip/ZopeZope management interface vulnerable to stored cross site scripting via the title property
4.8
First published (updated )
Zope ZopeZope vulnerable to Stored Cross Site Scripting with SVG images
5.4
First published (updated )
Zope AccesscontrolInformation disclosure through Python's "format" functionality in Zope AccessControl
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/RestrictedPythonSandbox escape via various forms of "format" in RestrictedPython
8.3
First published (updated )
Zope RestrictedpythonRestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
9.9
First published (updated )
pip/Products.CMFCorezopefoundation's Products.CMFCore vulnerable to unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
7.5
First published (updated )
Zope AccesscontrolRemote Code Execution via Script (Python) objects under Python 3
7.5
First published (updated )
Zope AccesscontrolRemote Code Execution via unsafe classes in otherwise permitted modules
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zope ZopeRemote Code Execution via traversal in TAL expressions
8.8
First published (updated )
Plone PloneRemote Code Execution via traversal in TAL expressions
8.8
First published (updated )
Zope Products.genericsetupExposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zope Products.pluggableauthserviceURL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService
6.1
First published (updated )
Plone PloneExposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone PloneZope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo…
7.5
First published (updated )
Plone PloneThe App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2…
6.5
First published (updated )
Zope ZopeUnspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and …
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone PloneUnspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plo…
7.5
First published (updated )
Zope ZopeZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a de…
7.5
First published (updated )
Zope ZodbUnspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope …
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.