Lucene search
K

77 matches found

Chainguard
Chainguard
added 2026/07/01 2:16 p.m.8 views

GHSA-7FPX-M38W-8859 vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/29 6:39 p.m.31 views

CVE-2026-7259

A flaw was found in PHP. When an attacker input can influence the encoding passed to mbregexencoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

6.5CVSS5.8AI score0.00202EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.6 views

RHEL 9 : giflib (RHSA-2026:8859)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8859 advisory. giflib is a library for reading and writing gif images. Security Fixes: giflib: Giflib: Double-free vulnerability leading to memory corruption...

7CVSS5.8AI score0.00144EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/03/12 12:0 a.m.11 views

vim security update

8.0.1763-22.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-22 - RHEL-147935 CVE-2026-25749 vim: Heap Overflow in Vim...

6.6CVSS5.8AI score0.00213EPSS
Exploits1
Oracle linux
Oracle linux
added 2025/10/09 12:0 a.m.14 views

vim security update

8.0.1763-21.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-21 - RHEL-112003 CVE-2025-53905 vim: Vim path traversial - RHEL-112007 CVE-2025-53906 vim: Vim path traversal 2:8.0.1763-20 - fix issue...

4.1CVSS7.6AI score0.02303EPSS
Exploits8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-1762

Malware in sbrugna...

5CVSS6.4AI score0.02111EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2988

Malware in sbrugna...

5CVSS6.4AI score0.01665EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d...

7.5CVSS6.5AI score0.03486EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2015-8859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors. CVE-2015-8859 Note that Nessus relies on the presen...

5.3CVSS6.7AI score0.04697EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/13 3:28 p.m.8 views

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

8.8CVSS7.2AI score0.00325EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.5 views

CVE-2020-8859

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...

7.5CVSS6.5AI score0.03486EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 11:20 a.m.6 views

CVE-2024-8859

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while...

7.5CVSS6.6AI score0.02484EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.3 views

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +181 more potentially affected by CVE-2024-8859 via mlflow (>=0.8.2 <=2.17.0)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =0.1.3, =3.0.0, =0.1.0, =0.3.5, =0.3.8 and more Source cves: CVE-2024-8859 Source advisory: OSV:GHSA-4RQF-8PFM-P36R...

7.5CVSS7AI score0.02484EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 10:47 a.m.7 views

autonomize-model-sdk (=1.0.4), autorad (=0.2.6) +43 more potentially affected by CVE-2024-8859 via mlflow (>=2.0.0rc0 <=2.17.0)

mlflow PYPI version =2.0.0rc0, =0.1.3, =1.2.0, =0.8.0, =0.0.10, =0.0.41, =1.0.0, =0.0.1, =0.1.0, =0.1.5, =1.10.2, =0.1.2, =1.2.7, =0.1.0, =0.2.13 and more Source cves: CVE-2024-8859 Source advisory: SNYK:PYTHON-MLFLOW-9486462...

7.5CVSS7AI score0.02484EPSS
Exploits1
NVD
NVD
added 2025/03/20 10:15 a.m.10 views

CVE-2024-8859

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while...

7.5CVSS0.02484EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.4 views

CVE-2024-8859 Path Traversal in mlflow/mlflow

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while...

7.5CVSS7.4AI score0.02484EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.13 views

CVE-2024-8859 Path Traversal in mlflow/mlflow

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while...

7.5CVSS0.02484EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:9 a.m.91 views

CVE-2024-8859

Mlflow/mlflow 2.15.1 contains a path traversal/local file read vulnerability when using the dbfs service: the URL is interpolated into the file protocol with only the path portion validated, enabling reading arbitrary server files when dbfs is mounted locally. Public sources (Nuclei template, OSV...

7.5CVSS7.4AI score0.02484EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/03/20 10:9 a.m.7 views

CVE-2024-8859 Path Traversal in mlflow/mlflow

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while...

7.5CVSS7.1AI score0.02484EPSS
Exploits1References4
OSV
OSV
added 2024/11/05 10:19 p.m.12 views

GHSA-HXF5-99XG-86HW cap-std doesn't fully sandbox all the Windows device filenames

Impact cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so o...

2.3CVSS6.4AI score0.0056EPSS
Exploits0References8
Rows per page
Query Builder