Filter
-Infinity
0
Trending
pip/RestrictedPythonRestrictedPython information leakage via `AttributeError.obj` and the `string` module
8.7
First published (updated )
pip/Products.SQLAlchemyDAProducts.SQLAlchemyDA vulnerable to unauthenticated arbitrary SQL query execution
9.8
EPSS
0.13%
First published (updated )
pip/ZopeZope management interface vulnerable to stored cross site scripting via the title property
4.8
First published (updated )
pip/ZopeZope vulnerable to Stored Cross Site Scripting with SVG images
5.4
First published (updated )
pip/AccessControlInformation disclosure through Python's "format" functionality in Zope AccessControl
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/RestrictedPythonSandbox escape via various forms of "format" in RestrictedPython
8.3
First published (updated )
RestrictedPythonRestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
9.9
First published (updated )
pip/Products.CMFCorezopefoundation's Products.CMFCore vulnerable to unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
7.5
First published (updated )
pip/ZopeRemote Code Execution via Script (Python) objects under Python 3
7.5
First published (updated )
pip/AccessControlRemote Code Execution via unsafe classes in otherwise permitted modules
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/ZopeRemote Code Execution via traversal in TAL expressions
8.8
First published (updated )
pip/ZopeRemote Code Execution via traversal in TAL expressions
8.8
First published (updated )
Zope Products.genericsetupExposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/Products.PluggableAuthServiceURL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService
6.1
First published (updated )
Plone CMSExposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone CMSZope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo…
7.5
First published (updated )
Plone CMSThe App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13.x before 2…
6.5
First published (updated )
Zope ZODBUnspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and …
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zope ZODBPlone upstream has published a pre-announcement about a security flaw, present in Zope v2.12.x and Z…
First published (updated )
Plone CMSUnspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plo…
7.5
First published (updated )
Plone CMSIt was reported [1] that Plone suffers from a vulnerability that can be exploited to bypass certain …
7
First published (updated )
Zope ZODBZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a de…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.