Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 3:3 p.m.2 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Path Traversal in ONNX [CVE-2025-51480]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Path Traversal, due to an issue with onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 that allows attackers to bypass intended directory restrictions. CVE-2025-51480. Onnx is used in our speech service runtimes. This...

8.8CVSS7.3AI score0.00578EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2025/11/11 12:41 a.m.5 views

EUVD-2025-51480

Malicious code in toxic-amber-trout npm...

6.6AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/22 4:15 p.m.4 views

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +293 more potentially affected by CVE-2024-5187 +1 more via onnx (>=0.2.0 <=1.17.0)

onnx PYPI version =0.2.0, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.3.0, =0.1.8, =1.7.0, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.4.30 and more Source cves: CVE-2024-5187, CVE-2025-51480 Source advisory: OSV:PYSEC-2025-148...

8.8CVSS7.2AI score0.01168EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2025/07/22 4:15 p.m.2 views

CVE-2025-51480

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted externaldata.location paths containing traversal sequences, bypassing intended directory restrictions...

8.8CVSS7.3AI score0.00578EPSS
Exploits1References6
CVE
CVE
added 2025/07/22 12:0 a.m.30 views

CVE-2025-51480

A CVE-2025-51480 exists for ONNX 1.17.0 reporting a path traversal flaw in onnx.external_data_helper.save_external_data that lets an attacker overwrite arbitrary files by crafted external_data.location traversal sequences. Affected component is ONNX 1.17.0; root cause involves directory traversal...

8.8CVSS6.7AI score0.00578EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/22 12:0 a.m.2 views

CVE-2025-51480

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted externaldata.location paths containing traversal sequences, bypassing intended directory restrictions...

7.2AI score0.00578EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/22 12:0 a.m.14 views

CVE-2025-51480

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted externaldata.location paths containing traversal sequences, bypassing intended directory restrictions...

0.00578EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/02/05 3:18 a.m.5 views

CVE-2024-51480

RedisTimeSeries is a time-series database TSDB module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially...

7CVSS7.8AI score0.00202EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/08 3:20 p.m.20 views

CVE-2024-51480 RedisTimeSeries Integer Overflow Remote Code Execution Vulnerability

RedisTimeSeries is a time-series database TSDB module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially...

7CVSS0.00202EPSS
Exploits1References1
CVE
CVE
added 2025/01/08 3:20 p.m.52 views

CVE-2024-51480

CVE-2024-51480 (RedisTimeSeries) affects RedisTimeSeries; a vulnerability arises when an authenticated user runs TS.QUERYINDEX, TS.MGET, TS.MRAGE, or TS.MREVRANGE with crafted arguments, causing an integer overflow that may lead to a heap overflow and potentially remote code execution. Affected s...

7CVSS7.4AI score0.00202EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2024/06/06 9:30 p.m.6 views

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +173 more potentially affected by CVE-2024-5187 +1 more via onnx (>=0.2.0 <=1.16.1)

onnx PYPI version =0.2.0, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.1.4 - autodistill-yolonas =0.1.1 and more Source cves: CVE-2024-5187, CVE-2025-51480 Source advisory: OSV:GHSA-6RQ9-53C3-F7VJ...

8.8CVSS7.2AI score0.01168EPSS
Exploits2
Circl
Circl
added 2024/02/10 10:31 a.m.8 views

CVE-2023-51480

creationtimestamp| type| source ---|---|--- 2024-02-10 10:31:39+00:00| seen| https://t.me/ctinow/182515 2024-03-03 12:11:40+00:00| seen| https://t.me/ctinow/198701...

6.5CVSS6.7AI score0.0031EPSS
Exploits0References2
CVE
CVE
added 2024/02/10 8:34 a.m.69 views

CVE-2023-51480

CVE-2023-51480 affects the WordPress plugin “Active Products Tables for WooCommerce” (Professional/Profit Products Tables). The vulnerability is a Cross‑Site Scripting (Stored XSS) due to improper neutralization of input during web page generation. It lists affected versions as

6.5CVSS6.7AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.11 views

WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Active Products Tables for WooCommerce Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51480 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1afdf4fd5235 Credits LVT-tholv2k...

6.5CVSS6.6AI score0.0031EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder