aigco (=0.0.3), airoboros (>=2.1.6 <=2.2.1) +80 more potentially affected by CVE-2026-31253 via flash-attn (>=0.2.8 <=2.8.3)

flash-attn PYPI version =0.2.8, =2.1.6, =1.1.2, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.1.3, =0.1.0, =0.0.7rc14, =0.0.1, =0.0.1, =0.0.3 and more Source cves: CVE-2026-31253 Source advisory: OSV:GHSA-7G5W-PQ96-8C5W...

CVE-2026-31253

The CVE-2026-31253 entry concerns the flash-attention training framework. A deserialization flaw exists in the checkpoint loading path (checkpoint.py load_checkpoint and eval.py) where torch.load() is used without weights_only=True, enabling pickle-based object deserialization. This can allow an ...

CVE-2024-31253

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3...

CVE-2025-31253

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced...

CVE-2025-31253

creationtimestamp| type| source ---|---|--- 2025-05-12 22:47:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loz2g2zh2y2h 2025-05-13 01:19:14+00:00| seen| https://t.me/cvedetector/25119...

CVE-2025-31253

CVE-2025-31253 affects FaceTime on Apple devices. Root cause: a state-management flaw caused muting the microphone during a FaceTime call to fail. Impact: microphone may not be silenced as intended during FaceTime. Mitigation: Apple ships fixes in iOS 18.5 and iPadOS 18.5, addressing the issue th...

CVE-2025-31253

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced...

CVE-2024-31253 WordPress WP OAuth Server (OAuth Authentication) plugin <= 4.3.3 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3...

WordPress OAuth Server Plugin <= 4.3.3 is vulnerable to Open Redirection

Software OAuth Server Type Plugin Vulnerable versions = 4.3.3 Fixed in 4.4.0 OWASP Top 10 A5: Security Misconfiguration Classification Open Redirection CVE CVE-2024-31253 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 0b209ddaec61 Credits Le Ngoc Anh Required privilege...

CVE-2022-31253

creationtimestamp| type| source ---|---|--- 2022-11-09 16:36:05+00:00| seen| https://t.me/cibsecurity/52712...

CVE-2022-31253

A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior ...

CVE-2022-31253

CVE-2022-31253 covers an Untrusted Search Path vulnerability in openldap2 for openSUSE Factory. The issue allows a local attacker who has control of the ldap user or group to change ownership of arbitrary directory entries to that user/group, enabling escalation to root. Affected are openldap2 ve...

CVE-2022-31253

A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior ...

Oracle Forms and Reports - Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class Metasploit3 'Oracle Forms and Reports Remote Code Execution', 'Description' = %q This module uses two vulnerabilities in Oracle form...