23 matches found

RedhatCVE
added 2025/12/24 6:18 p.m., 5 views

CVE-2025-14930

A flaw was found in the Hugging Face Transformers library. The parsing of weights fails to validate user-supplied data, causing a deserialization of untrusted data. An attacker can exploit this issue by providing a malicious GLM4 model, resulting in arbitrary code execution in the context of the...

CVSS 8.8, AI score 8, EPSS 0.00477
Exploits 0, References 4
vulnersOsv
added 2025/12/23 9:15 p.m., 4 views

3m (>=0.1.1 <=0.1.3), 4dpocket (>=0.1.3 <=0.1.4) +8077 more potentially affected by CVE-2025-14930 via transformers (>=5.0.0 <=5.8.0)

transformers PYPI version =5.0.0, =0.1.1, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =2.3.15.994, =3.4.6 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 -...

CVSS 7.8, AI score 7.1, EPSS 0.00477
Exploits 0
vulnersOsv
added 2025/12/23 9:15 p.m., 3 views

01os (=0.0.14), 3-04-2025-ttm (=0.1.0) +3618 more potentially affected by CVE-2025-14930 via transformers (>=4.0.0 <=4.57.6)

transformers PYPI version =4.0.0, =0.10.11, =0.5.5, =0.0.4.80, =0.2.1, =0.1.0, =0.1.1, =1.3.8, =1.5.3 - acace-coherence-checker =0.1.0 - acace-compression-engine =0.1.0 - acace-semantic-analyzer =0.1.0 - acace-sentiment-analyzer =0.1.0 and more Source cves: CVE-2025-14930 Source advisory:...

CVSS 7.8, AI score 7.1, EPSS 0.00477
Exploits 0
vulnersOsv
added 2025/12/23 9:15 p.m., 5 views

allennlp (>=1.0.0 <=1.1.0rc1.dev20200709), allennlp-models (>=1.0.0 <=1.1.0rc1.dev20200709) +35 more potentially affected by CVE-2025-14930 via transformers (>=2.10.0 <=2.11.0)

transformers PYPI version =2.10.0, =1.0.0, =1.0.0, =0.0.1, =0.1.2, =0.1.3, =0.5.2, =0.1.2, =3.0.1, =0.1.0, =1.8.0, =0.12.2.dev2, =0.12.2.dev4 and more Source cves: CVE-2025-14930 Source advisory: OSV:PYSEC-2025-218...

CVSS 7.8, AI score 7.1, EPSS 0.00477
Exploits 0
Circl
added 2025/12/18 5:0 a.m., 1 view

CVE-2025-14930

| creationtimestamp | type | source |
|---|---|---|
| 2025-12-18 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-1145/ |
| 2025-12-23 21:34:48+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115771027410495980... |

CVSS 7.8, AI score 7.5, EPSS 0.00477
Exploits 0, References 2
RedhatCVE
added 2025/05/22 4:22 p.m., 3 views

CVE-2020-14930

An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the registered phone number of the user account, but i...

CVSS 8.1, AI score 7, EPSS 0.05816
Exploits 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2017-14930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to...

CVSS 7.1, AI score 6.1, EPSS 0.00366
Exploits 0, References 3
Circl
added 2024/01/29 10:41 a.m., 3 views

CVE-2019-14930

| creationtimestamp | type | source |
|---|---|---|
| 2024-01-29 10:41:44+00:00 | seen | https://t.me/ctinow/175152... |

CVSS 10, AI score 8.7, EPSS 0.00389
Exploits 1, References 1
SUSE CVE
added 2023/02/15 4:39 a.m., 3 views

SUSE CVE-2017-14930

Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file...

CVSS 7.1, AI score 5.6, EPSS 0.00366
Exploits 0, References 3
Tenable Nessus
added 2022/02/07 12:0 a.m., 12 views

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14930)

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. Also, the accounts ineaadmin and mitsadm...

CVSS 10, AI score 8.4, EPSS 0.00389
Exploits 1, References 4
Prion
added 2021/02/05 2:15 p.m., 11 views

SQL injection

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do...

CVSS 6.5, AI score 8.9, EPSS 0.01258
Exploits 1, References 4, Affected Software 1
CNNVD
added 2021/02/05 12:0 a.m., 4 views

ZOHO ManageEngine Applications Manager SQL Injection Vulnerability

ZOHO ManageEngine Applications Manager is an IT operations management solution from ZOHO, Inc. Zoho ManageEngine Applications Manager through 14930 is vulnerable to SQL injection, which can be exploited to perform an authenticated SQL injection into showresource.do via the resourceid parameter...

CVSS 8.8, AI score 7.3, EPSS 0.01258
Exploits 1, References 5
CVE
added 2020/06/19 8:50 p.m., 61 views

CVE-2020-14930

The CVE-2020-14930 issue affects BT CTROMS Terminal OS Port Portal CT-464. The password-reset flow discloses the verification token in response to a getverificationcode.jsp request, sending the token not only to the user’s registered phone but also to an unauthenticated HTTP client. This could en...

CVSS 8.1, AI score 8, EPSS 0.05816
Exploits 1, References 2, Affected Software 1
OpenVAS
added 2020/03/13 12:0 a.m., 49 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1205)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 6.7, EPSS 0.02994
Exploits 16, References 2
NVD
added 2019/10/28 1:15 p.m., 12 views

CVE-2019-14930

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. Also, the accounts ineaadmin...

CVSS 10, AI score 9.9, EPSS 0.00389
Exploits 1, References 2
CVE
added 2019/10/28 12:10 p.m., 63 views

CVE-2019-14930

CVE-2019-14930 affects Mitsubishi Electric Europe B.V. ME-RTU (through 2.02) and INEA ME-RTU (through 3.0). The issue arises from undocumented hard-coded credentials for root, ineaadmin, mitsadmin, and maint, enabling unauthenticated access to the RTU. Additionally, ineaadmin and mitsadmin can es...

CVSS 10, AI score 9.9, EPSS 0.00389
Exploits 1, References 2, Affected Software 1
Cvelist
added 2019/10/28 12:10 p.m., 11 views

CVE-2019-14930

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. Also, the accounts ineaadmin...

AI score 9.9, EPSS 0.00389
Exploits 1, References 2
CVE
added 2019/04/30 6:56 p.m., 35 views

CVE-2018-14930

The CVE-2018-14930 entry concerns the Polaris FT Intellect Core Banking 9.7.1 Armor module where a CSRF vulnerability can be triggered via the URI /CollatWebApp/gcmsRefInsert?name=SUPP. The incident is documented in multiple sources (NVD, CVE pages, and Prion/CVELIST records) with consistent desc...

CVSS 8.8, AI score 8.5, EPSS 0.00182
Exploits 1, References 1, Affected Software 1
Tenable Nessus
added 2018/07/24 12:0 a.m., 36 views

Photon OS 2.0 : Linux / Postgresql / Binutils / Curl / Libtiff (PhotonOS-PHSA-2018-2.0-0016) (deprecated)

An update of 'linux', 'curl', 'binutils', 'postgresql', 'libtiff' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0016. The...

CVSS 9.8, AI score 7.5, EPSS 0.03854
Exploits 5, References 18
OSV
added 2017/09/30 1:29 a.m., 1 view

DEBIAN-CVE-2017-14930

Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file...

CVSS 5.5, AI score 6.2, EPSS 0.00366
Exploits 0, References 1