Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0106

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00844EPSS
Exploits1References5
Veracode
Veracode
added 2024/09/12 6:21 p.m.8 views

Eval Injection

MindsDB is vulnerable to arbitrary code execution. The vulnerability is due to unsanitized input in the ChromaDB integration, where a specially crafted 'INSERT' query containing Python code is passed to an eval function and executed on the server...

8.8CVSS7.7AI score0.00844EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/09/12 1:15 p.m.27 views

CVE-2024-45848

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

8.8CVSS0.00844EPSS
Exploits1References1
OSV
OSV
added 2024/09/12 1:15 p.m.12 views

CVE-2024-45848

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

8.8CVSS8.8AI score
Exploits0References1
PyPA
PyPA
added 2024/09/12 1:15 p.m.10 views

PYSEC-2024-78

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

8.8CVSS7.9AI score0.00844EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/12 12:58 p.m.16 views

CVE-2024-45848

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

8.8CVSS7.6AI score0.00844EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/12 12:58 p.m.25 views

CVE-2024-45848

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

8.8CVSS0.00844EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.5 views

PT-2024-6369 · Mindsdb +1 · Mindsdb +1

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.12.4.0 through 24.7.4.1 Description: An arbitrary code execution issue exists when the ChromaDB integration is installed on the server. If a specially crafted INSERT query containing Python code is run against a database...

9CVSS8.5AI score0.00844EPSS
Exploits1References18
Rows per page
Query Builder