36545 matches found
CVE-2025-33184
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33184
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
EUVD-2025-198023
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33183
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
EUVD-2025-198024
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33183
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33183
CVE-2025-33183 affects NVIDIA Isaac-GR00T across platforms via a Python-component code injection vulnerability. The issue stems from TorchSerializer deserialization of untrusted data, enabling potential code execution, privilege escalation, information disclosure, and data tampering. Connected so...
CVE-2025-63604
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...
CVE-2025-63604
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...
NVIDIA Isaac-GR00T 代码注入漏洞
NVIDIA Isaac-GR00T is an open base modeling platform from NVIDIA. NVIDIA Isaac-GR00T suffers from a code injection vulnerability that stems from a code injection issue in the Python component that could lead to code execution, elevation of privilege, information disclosure, and data tampering...
SourceCodester Student Grades Management System 代码注入漏洞
SourceCodester Student Grades Management System is a SourceCodester open source student grades management system. A code injection vulnerability exists in SourceCodester Student Grades Management System version 1.0, which stems from an incorrect manipulation of the parameter Remarks in the file...
NVIDIA Isaac-GR00T 代码注入漏洞
NVIDIA Isaac-GR00T is an open base modeling platform from NVIDIA. NVIDIA Isaac-GR00T suffers from a code injection vulnerability that stems from a code injection issue in the Python component that could lead to code execution, elevation of privilege, information disclosure, and data tampering...
PT-2025-47349
Name of the Vulnerable Software and Affected Versions NVIDIA Isaac-GR00T for all platforms affected versions not specified Description A flaw exists in a Python component of NVIDIA Isaac-GR00T that could allow an attacker to inject code. Exploitation of this issue may result in code execution,...
Siemens RUGGEDCOM ROS Improper Control of Generation of Code (CVE-2022-34663)
Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device. This plugin only works wit...
SourceCodester Interview Management System 代码注入漏洞
SourceCodester Interview Management System is a SourceCodester open source interview management system. A code injection vulnerability exists in version 1.0 of the SourceCodester Interview Management System, which stems from an incorrect manipulation of the parameter Question in the file...
EUVD-2025-198041
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...
PT-2025-47332
Name of the Vulnerable Software and Affected Versions baryhuang/mcp-server-aws-resources-python version 0.1.0 Description A code injection issue exists due to insufficient input validation in the execute query method. This allows for remote code execution by exposing dangerous Python built-in...
CVE-2025-63604
CVE-2025-63604 affects baryhuang/mcp-server-aws-resources-python 0.1.0. A code-injection flaw stems from insufficient input validation in the execute_query method, exposing dangerous built-ins (import , getattr, hasattr) in the execution namespace and using exec() to run user-supplied code. Attac...
WordPress plugin The Classified Listing – Classified ads & Business Directory Plugin 代码注入漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injection...
ProjectSend 代码注入漏洞
ProjectSend cFTP is the ProjectSend open source suite of self-hosted applications based on PHP and MySQL. A code injection vulnerability exists in ProjectSend r1720 and earlier versions, which stems from a misbehavior of the component File Editor/Custom Download Aliases and could lead to cross-si...