CVE-2026-10190

creationtimestamp| type| source ---|---|--- 2026-05-31 21:38:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn6jnsdwdw27 2026-06-01 06:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116673323315187265 2026-06-01 06:00:32+00:00| seen|...

WordPress WP Easy Toggles plugin <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin WP Easy Toggles versions = 1.9.0...

CVE-2024-10190

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the putvalue method in ElasticRendezvousHandler...

deephyper (>=0.1.10 <=0.1.11), l2hmc (>=0.1.0 <=0.13.0) +12 more potentially affected by CVE-2024-10190 via horovod (>=0.19.5 <=0.28.1)

horovod PYPI version =0.19.5, =0.1.10, =0.1.0, =0.1.1, =0.0.0a0, =0.0.3, =0.0.1.0, =0.1.0, =0.1.2, =0.1.8 - zetascale =0.7.1 Source cves: CVE-2024-10190 Source advisory: SNYK:PYTHON-HOROVOD-9510936...

CVE-2024-10190

creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:13+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmgx4qbq2p...

CVE-2024-10190

Horovod CVE-2024-10190 affects v0.28.1 and earlier. The vulnerability is due to ElasticRendezvousHandler.do_PUT/_put_value decoding base64 data and ultimately calling cloudpickle.loads, enabling an unauthenticated attacker to supply a malicious pickle object via a PUT request and achieve arbitrar...

CVE-2024-10190 Unauthenticated Remote Code Execution in ElasticRendezvousHandler in horovod/horovod

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the putvalue method in ElasticRendezvousHandler...

CVE-2024-10190 Unauthenticated Remote Code Execution in ElasticRendezvousHandler in horovod/horovod

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the putvalue method in ElasticRendezvousHandler...

Ubuntu: Security Advisory (USN-7047-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS : Knot Resolver vulnerabilities (USN-7047-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7047-1 advisory. Vladimr unt discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to bypass...

[SECURITY] [DLA 3795-1] knot-resolver security update

Debian LTS Advisory DLA-3795-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 26, 2024 https://wiki.debian.org/LTS Package : knot-resolver Version : 3.2.1-3+deb10u2 CVE ID : CVE-2019-10190 CVE-2019-10191 CVE-2019-19331 CVE-2020-12667 Debian Bug : 932048...

Debian dla-3795 : knot-resolver - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3795 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3795-1 [email protected]...

Security Bulletin: Security vulnerabilities have been fixed in IBM Security Identity Manager Virtual Appliance

Summary IBM Security Identity Manager Virtual Appliance ISIM VA has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2021-29682 DESCRIPTION: IBM Security Identity Manager could allow a remote attacker to obtain sensitive information when a detailed technical error message ...

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2020-10894

The CVE-2020-10894 issue affects Foxit PhantomPDF 9.7.1.29511 (U3D object handling) and is caused by insufficient validation of user-supplied data, leading to a read past the end of an allocated object (out-of-bounds read). This enables remote information disclosure with user interaction required...

Knot Resolver < 4.1.0 Multiple Vulnerabilities

Knot Resolver is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...

Fedora 30 : knot-resolver (2019-fdb50c675d)

fixes security issues CVE-2019-10190 and CVE-2019-10191 - https://lists.nic.cz/pipermail/knot-resolver-announce/2019/000009.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

Fedora 29 : knot-resolver (2019-20f95b0b39)

fixes security issues CVE-2019-10190 and CVE-2019-10191 - https://lists.nic.cz/pipermail/knot-resolver-announce/2019/000009.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

CVE-2019-10190

A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of...