VYPR
Vendor

Psf

Products
2
CVEs
10
Across products
10
Status
Private

Products

2

Recent CVEs

10
  • CVE-2016-2311MedMay 30, 2016
    risk 0.42cvss 6.5epss 0.01

    Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to…

  • CVE-2024-35195MedMay 20, 2024
    risk 0.29cvss 5.6epss 0.00

    Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes…

  • CVE-2024-47081MedJun 9, 2025
    risk 0.28cvss 5.3epss 0.01

    Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the…

  • CVE-2024-21503MedMar 19, 2024
    risk 0.28cvss 5.3epss 0.01

    Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of…

  • CVE-2024-1682MedNov 14, 2024
    risk 0.21cvss 4.3epss 0.00

    An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems,…

  • CVE-2026-25645Mar 25, 2026
    risk 0.00cvss epss 0.00

    Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without…

  • CVE-2026-32274Mar 12, 2026
    risk 0.00cvss epss 0.01

    Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker…

  • CVE-2026-31900Mar 11, 2026
    risk 0.00cvss epss 0.00

    Black is the uncompromising Python code formatter. Black provides a GitHub action for formatting code. This action supports an option, use_pyproject: true, for reading the version of Black to use from the repository pyproject.toml. A malicious pull request could edit…

  • CVE-2023-32681May 26, 2023
    risk 0.00cvss epss 0.03

    Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For…

  • CVE-2019-15497Aug 26, 2019
    risk 0.00cvss epss 0.03

    Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP.