Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2024-17a3b4d4c3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.1AI score0.00507EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-27758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote...

8.4CVSS7.6AI score0.00507EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.5 views

Fedora 41 : python-rpyc (2024-17a3b4d4c3)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-17a3b4d4c3 advisory. Fix CVE-2024-27758 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

8.4CVSS7.8AI score0.00507EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/25 12:0 a.m.9 views

openSUSE Security Advisory (openSUSE-SU-2024:0082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.4AI score0.00507EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2024/03/15 12:0 a.m.7 views

Security update for python-rpyc (important)

openSUSE Security Update: Security update for python-rpyc Announcement ID: openSUSE-SU-2024:0082-1 Rating: important References: 1221331 Cross-References: CVE-2024-27758 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This...

8.4CVSS7.8AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/03/12 8:8 p.m.21 views

CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8.5CVSS6.9AI score0.00507EPSS
Exploits0References4
OSV
OSV
added 2024/03/12 4:15 p.m.20 views

CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8.4CVSS8AI score
Exploits0References2
OSV
OSV
added 2024/03/12 4:15 p.m.1 views

DEBIAN-CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8.4CVSS8.3AI score0.00507EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/12 4:15 p.m.24 views

CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8.4CVSS7.4AI score0.00507EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/03/12 4:15 p.m.4 views

aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=3.3.0 <=5.3.1)

rpyc PYPI version =3.3.0, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.10.60, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:PYSEC-2024-44...

8.4CVSS7.2AI score0.00507EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/03/12 12:0 a.m.13 views

CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8AI score0.00507EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/12 12:0 a.m.48 views

CVE-2024-27758

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

7.5AI score0.00507EPSS
Exploits0References2
CVE
CVE
added 2024/03/12 12:0 a.m.110 views

CVE-2024-27758

CVE-2024-27758 affects RPyC prior to 6.0.0. The issue arises when a server exposes a method that calls the attribute array on a client-provided netref (e.g., np.array(client_netref)), enabling remote code execution. Impact is system compromise with high severity; exploit requires local access/vec...

8.4CVSS7.3AI score0.00507EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/03/06 5:5 p.m.5 views

aedttest (=0.0.2), ansys-magnet-segmentation-toolkit (>=0.3.2 <=0.3.3) +51 more potentially affected by CVE-2024-27758 via rpyc (>=4.0.1 <=5.3.1)

rpyc PYPI version =4.0.1, =0.3.2, =3.0.0, =0.0.25, =0.2.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =0.0.0, =2.17.18, =3.11.20 - fuzzydata =0.0.2 and more Source cves: CVE-2024-27758 Source advisory: OSV:GHSA-H5CG-53G7-GQJW...

8.4CVSS7.2AI score0.00507EPSS
Exploits0
OSV
OSV
added 2024/03/06 5:5 p.m.15 views

GHSA-H5CG-53G7-GQJW RPyC's missing security check results in code execution when using numpy.array on the server-side.

An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the array attribute component. This vulnerability was introduced in 9f45f826. Attack Vector RPyC services that rely on the array attribute used by numpy are impacted. When...

8.5CVSS8.5AI score0.00507EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2024/03/06 5:5 p.m.27 views

RPyC's missing security check results in code execution when using numpy.array on the server-side.

An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the array attribute component. This vulnerability was introduced in 9f45f826. Attack Vector RPyC services that rely on the array attribute used by numpy are impacted. When...

8.4CVSS8.3AI score0.00507EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder