66 matches found
datapizza-ai-cache-redis (=0.0.3), datapizza-ai-clients-anthropic (>=0.0.3 <=0.0.5) +21 more potentially affected by CVE-2026-2970 via datapizza-ai-core (>=0.0.1 <=0.0.26)
datapizza-ai-core PYPI version =0.0.1, =0.0.3, =0.0.2, =0.0.4, =0.0.4, =0.0.6, =0.0.6, =0.0.3, =0.0.3, =0.0.2, =0.0.2, =0.0.8 and more Source cves: CVE-2026-2970 Source advisory: OSV:GHSA-HG58-X52P-859C...
CVE-2026-2970 datapizza-labs datapizza-ai cache.py RedisCache deserialization
A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...
PT-2026-21492
A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...
MiracleLinux 8 : thunderbird-91.4.0-2.el8.ML.1 (AXSA:2022-2970:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2970:01 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...
EUVD-2026-2970
The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in all versions up to, and including, 6.3.6. This is due to the 'wpasdomractivateuser' function not verifying that a user has permission to modify other...
EUVD-2007-3826
Malware in sbrugna...
CVE-2012-2970
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service device hang via network traffic to port 1 1641, 2 3734, or 3 3735...
CVE-2025-2970
A vulnerability classified as problematic has been found in ConcreteCMS up to 9.3.9. Affected is an unknown function of the component Switch Language Block Handler. The manipulation of the argument Label leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...
CVE-2025-2970
creationtimestamp| type| source ---|---|--- 2025-03-31 04:57:53+00:00| seen| https://t.me/cvedetector/21531 2025-04-04 00:35:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10367...
CVE-2025-2970
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-2970
ConcreteCMS (up to 9.3.9) is affected by a cross-site scripting (XSS) flaw in the Switch Language Block Handler. The vulnerability arises from improper handling of the Label argument, enabling an attacker to inject scripts that get executed by end users’ browsers, potentially enabling cookie thef...
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification MMS protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial...
openSUSE Security Advisory (SUSE-SU-2024:2970-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress News Wall Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software News Wall Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2970 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 532cc4a5abb6 Credits Benedictus Jovan Required...
CVE-2024-2970
The News Wall plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the nwapnewslistpage function. This makes it possible for unauthenticated attackers to update the plugin's settings a...
openSUSE: Security Advisory for python (SUSE-SU-2023:2970-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-2970
creationtimestamp| type| source ---|---|--- 2024-01-09 15:17:17+00:00| seen| https://t.me/ctinow/165049...
openSUSE 15 Security Update : python-scipy (SUSE-SU-2023:2970-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2970-1 advisory. - CVE-2023-25399: Fixed minor refcounting issue in PyFindObjects bsc1213062. - CVE-2023-29824: Fixed use-after-free in PyFindObjects bsc1213137...
CVE-2023-2970
CVE-2023-2970 affects MindSpore 2.0.0-alpha/2.0.0-rc1. The issue is in JsonHelper::UpdateArray within mindspore/ccsrc/minddata/dataset/util/json_helper.cc and causes memory corruption. A patch (30f4729ea2c01e1ed437ba92a81e2fc098d608a9) is available to fix the issue. No exploitation details are pr...
CVE-2023-2970 MindSpore json_helper.cc UpdateArray memory corruption
A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/jsonhelper.cc. The manipulation leads to memory corruption. The name of the patch is...