Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/14 12:13 a.m.10 views

EUVD-2026-22178

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...

6.3CVSS6.3AI score0.00485EPSS
Exploits0References3
OSV
OSV
added 2023/12/21 9:28 a.m.18 views

CVE-2023-50783 Apache Airflow: Improper access control vulnerability on the "varimport" endpoint

Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification. Users are...

6.5CVSS6.6AI score0.0139EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/02/04 10:32 p.m.31 views

CVE-2022-23557 Division by zero in TFLite

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in BiasAndClamp implementation. There is no check that the biassize is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.7AI score0.00757EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/04/10 10:0 p.m.25 views

CVE-2016-9645 Editing restriction bypass for git revert

The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older than 2.8.0. This has been fixed in 3.20161229...

8AI score0.00944EPSS
Exploits0References3
Rows per page
Query Builder