CVE-2026-0897

creationtimestamp| type| source ---|---|--- 2026-03-29 09:00:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/77758 2026-03-29 15:00:08+00:00| published-proof-of-concept| Telegram/Fln1CDV-IIlp7EGS7hrJibbBYDcdeDsNTgWenTzMncUGCI...

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +16 more potentially affected by CVE-2026-0897 via keras (>=3.0.0 <=3.12.0)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =14.0.0, =14.0.15b3 and more Source cves: CVE-2026-0897 Source advisory: SNYK:PYTHON-KERAS-14947722...

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +18 more potentially affected by CVE-2026-0897 via keras (>=3.0.0 <=3.13.0)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =3.14.3, =0.1.0, =0.1.1, =0.1.6 and more Source cves: CVE-2026-0897 Source advisory: OSV:PYSEC-2026-73...

CVE-2026-0897

CVE-2026-0897 affects Google Keras (3.0.0–3.13.0) via the HDF5 weight loading component. A crafted .keras archive containing a valid model.weights.h5 file with an extremely large dataset shape can trigger memory exhaustion and crash the Python interpreter, causing a Denial of Service. Some connec...

CVE-2026-0897 Denial of Service in Keras via Excessive Memory Allocation in HDF5 Metadata

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

Photon OS 4.0: Libtiff PHSA-2025-4.0-0897

An update of the libtiff package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0897. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EUVD-2007-1739

Malware in sbrugna...

CVE-2023-0897

Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...

CVE-2020-0897

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865,...

CVE-2015-0897

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM man-in-the-middle attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM man-in-the-middle attacker...

Linux Distros Unpatched Vulnerability : CVE-2022-0897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over...

CVE-2025-0897

creationtimestamp| type| source ---|---|--- 2025-02-20 12:41:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3limctfxykv2s 2025-02-20 13:09:09+00:00| seen| https://t.me/cvedetector/18534...

CVE-2025-0897 Modal Window <= 6.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via iframeBox Shortcode

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-0897 Modal Window <= 6.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via iframeBox Shortcode

The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versions up to, and including, 6.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-0897

The CVE CVE-2025-0897 affects the WordPress plugin “Modal Window – create popup modal window” and is a stored Cross-Site Scripting flaw exposed through the iframeBox shortcode in versions up to 6.1.5. The issue stems from insufficient input sanitization and output escaping of user-provided attrib...

Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...

[SECURITY] [DLA 3778-1] libvirt security update

Debian LTS Advisory DLA-3778-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin April 01, 2024 https://wiki.debian.org/LTS Package : libvirt Version : 5.0.0-4+deb10u2 CVE ID : CVE-2020-10703 CVE-2020-12430 CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975...

CVE-2024-0897

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2024-0897

Beaver Builder – WordPress Page Builder (WordPress plugin) contains a stored XSS in the image URL parameter affecting all versions up to 2.7.4.2. Exploitation requires authenticated access (Contributor+) to inject scripts that run for any user visiting the injected page. Remediation: update to ve...

CVE-2024-0897 Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...