Lucene search
K

66 matches found

vulnersOsv
vulnersOsv
added 2026/02/23 6:30 a.m.15 views

datapizza-ai-cache-redis (=0.0.3), datapizza-ai-clients-anthropic (>=0.0.3 <=0.0.5) +21 more potentially affected by CVE-2026-2970 via datapizza-ai-core (>=0.0.1 <=0.0.26)

datapizza-ai-core PYPI version =0.0.1, =0.0.3, =0.0.2, =0.0.4, =0.0.4, =0.0.6, =0.0.6, =0.0.3, =0.0.3, =0.0.2, =0.0.2, =0.0.8 and more Source cves: CVE-2026-2970 Source advisory: OSV:GHSA-HG58-X52P-859C...

7.5CVSS5.8AI score0.00821EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/02/23 4:2 a.m.2 views

CVE-2026-2970 datapizza-labs datapizza-ai cache.py RedisCache deserialization

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...

4.6CVSS4.2AI score0.00821EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.6 views

PT-2026-21492

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...

4.6CVSS4.3AI score0.00821EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-91.4.0-2.el8.ML.1 (AXSA:2022-2970:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2970:01 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

8.8CVSS8.1AI score0.0202EPSS
Exploits0References11
EUVD
EUVD
added 2026/01/16 4:44 a.m.3 views

EUVD-2026-2970

The Awesome Support - WordPress HelpDesk & Support Plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in all versions up to, and including, 6.3.6. This is due to the 'wpasdomractivateuser' function not verifying that a user has permission to modify other...

6.5CVSS5.3AI score0.00363EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-3826

Malware in sbrugna...

4.3CVSS6.4AI score0.00845EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:29 a.m.5 views

CVE-2012-2970

The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service device hang via network traffic to port 1 1641, 2 3734, or 3 3735...

7.8CVSS7AI score0.01465EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:44 a.m.16 views

CVE-2025-2970

A vulnerability classified as problematic has been found in ConcreteCMS up to 9.3.9. Affected is an unknown function of the component Switch Language Block Handler. The manipulation of the argument Label leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

6.3AI score
Exploits0References6
Circl
Circl
added 2025/03/31 4:57 a.m.7 views

CVE-2025-2970

creationtimestamp| type| source ---|---|--- 2025-03-31 04:57:53+00:00| seen| https://t.me/cvedetector/21531 2025-04-04 00:35:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10367...

4.8AI score
Exploits0References2
NVD
NVD
added 2025/03/31 2:15 a.m.12 views

CVE-2025-2970

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
CVE
CVE
added 2025/03/31 1:31 a.m.54 views

CVE-2025-2970

ConcreteCMS (up to 9.3.9) is affected by a cross-site scripting (XSS) flaw in the Switch Language Block Handler. The vulnerability arises from improper handling of the Label argument, enabling an attacker to inject scripts that get executed by end users’ browsers, potentially enabling cookie thef...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/09 3:33 p.m.36 views

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification MMS protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial...

10CVSS8.4AI score0.05413EPSS
Exploits2
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:2970-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.00497EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/04/01 12:0 a.m.13 views

WordPress News Wall Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software News Wall Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2970 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 532cc4a5abb6 Credits Benedictus Jovan Required...

4.3CVSS6.6AI score0.00204EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/29 7:15 a.m.17 views

CVE-2024-2970

The News Wall plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the nwapnewslistpage function. This makes it possible for unauthenticated attackers to update the plugin's settings a...

4.3CVSS4.2AI score0.00204EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.16 views

openSUSE: Security Advisory for python (SUSE-SU-2023:2970-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.01334EPSS
Exploits2References2
Circl
Circl
added 2024/01/09 3:17 p.m.6 views

CVE-2019-2970

creationtimestamp| type| source ---|---|--- 2024-01-09 15:17:17+00:00| seen| https://t.me/ctinow/165049...

7.5CVSS7.9AI score0.01442EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/26 12:0 a.m.25 views

openSUSE 15 Security Update : python-scipy (SUSE-SU-2023:2970-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2970-1 advisory. - CVE-2023-25399: Fixed minor refcounting issue in PyFindObjects bsc1213062. - CVE-2023-29824: Fixed use-after-free in PyFindObjects bsc1213137...

9.8CVSS7.1AI score0.01334EPSS
Exploits2References7
CVE
CVE
added 2023/05/30 5:31 a.m.78 views

CVE-2023-2970

CVE-2023-2970 affects MindSpore 2.0.0-alpha/2.0.0-rc1. The issue is in JsonHelper::UpdateArray within mindspore/ccsrc/minddata/dataset/util/json_helper.cc and causes memory corruption. A patch (30f4729ea2c01e1ed437ba92a81e2fc098d608a9) is available to fix the issue. No exploitation details are pr...

6.5CVSS5AI score0.00875EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/05/30 5:31 a.m.27 views

CVE-2023-2970 MindSpore json_helper.cc UpdateArray memory corruption

A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/jsonhelper.cc. The manipulation leads to memory corruption. The name of the patch is...

3.5CVSS6.7AI score0.00875EPSS
Exploits0References4
Rows per page
Query Builder