CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Hacker News•added 2024/07/04 6:58 a.m.•39 views

Brazil Halts Meta's AI Data Processing Amid Privacy Concerns

Brazil's data protection authority, Autoridade Nacional de Proteção de Dados ANPD, has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence AI algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate leg...

7AI score

Mageia•added 2024/06/20 2:32 a.m.•47 views

Updated python-scikit-learn packages fix security vulnerability

A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...

4.7CVSS6.6AI score0.00037EPSS

Exploits0References2

NVD•added 2024/06/19 3:15 p.m.•10 views

CVE-2024-22263

Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api...

8.8CVSS0.77749EPSS

Exploits1References1

Redos•added 2024/06/11 12:0 a.m.•16 views

ROS-20240611-05

The vulnerability of the Zabbix Workstation universal monitoring system server is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow a remote attacker to execute an arbitrary code by injecting a specially crafted SQL query. arbitrary code by...

9.1CVSS8.4AI score0.91949EPSS

Exploits5

vulnersOsv•added 2024/06/06 7:15 p.m.•1 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +849 more potentially affected by CVE-2024-2965 via langchain (>=0.0.100 <=0.2.4)

langchain PYPI version =0.0.100, =0.1.0, =0.1.7, =0.2.1, =0.1.0, =0.0.2, =0.0.1, =0.1.0, =0.0.1, =1.1.2, =0.1.0, =0.0.18, =0.0.19b2 and more Source cves: CVE-2024-2965 Source advisory: OSV:PYSEC-2024-118...

4.7CVSS5.8AI score0.00038EPSS

Exploits1

Spring Engineering•added 2024/05/21 12:0 a.m.•13 views

Deploy and Scale Spring Batch in the Cloud – with Adaptive Cost Control

May 21, 2024, at 9 AM PST You can now use Azure Spring Apps to effectively run Spring Batch applications with adaptive cost control. You only pay when batch jobs are running, and you can simply lift and shift your Spring Batch jobs with no code change. Spring Batch is a framework for processing...

OSV•added 2024/05/15 6:6 p.m.•7 views

GHSA-PGJ4-G5J4-CMFX cart2quote/module-quotation-encoded Remote Code Execution via downloadCustomOptionAction

cart2quote/module-quotation-encoded extension may expose a critical security vulnerability by utilizing the unserialize function when processing data from a GET request. This flaw, present in the app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and...

7CVSS8.3AI score

CNNVD•added 2024/05/03 12:0 a.m.•3 views

NETGEAR RAX30 安全漏洞

NETGEAR RAX30 is a dual-band wireless router from NETGEAR. A security vulnerability exists in NETGEAR RAX30 that originates from a buffer overflow vulnerability during JSON data processing...

8CVSS7AI score0.00264EPSS

Schneier on Security•added 2024/04/24 11:5 a.m.•15 views

Dan Solove on Privacy Regulation

Law professor Dan Solove has a new article on privacy regulation. In his email to me, he writes: "I’ve been pondering privacy consent for more than a decade, and I think I finally made a breakthrough with this article." His mini-abstract: In this Article I argue that most of the time, privacy...

Redos•added 2024/03/28 12:0 a.m.•30 views

ROS-20240328-05

Vulnerability of icmpping function of Zabbix universal monitoring system is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability of the smart.disk.get edent of the Zabbix...

9.8CVSS7.7AI score0.01064EPSS

Spring Engineering•added 2024/03/13 12:0 a.m.•14 views

Spring Tips: Spring Batch Remote Partitioning, your easy button for data scale!

Hi, Spring fans! In this installment, Spring Developer Advocate Josh Long looks at how to use Spring Batch's remote partitioning support to easy-button your data processing scale out strategies. postgresql ai datascience data springboot java java21...

Qualys Blog•added 2024/02/26 5:28 p.m.•13 views

A Comprehensive Assessment of the General Personal Data Protection Law (LGPD)

Most nations need to protect sensitive data for any number of reasons. Assuring legal compliance, protecting national security, preventing abuse and prejudice, improving global competitiveness, and upholding ethical standards are all vital requirements. Data privacy enhances the safety, security,...

6.9AI score

CNNVD•added 2024/02/06 12:0 a.m.•2 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from an audio memory corruption when processing calibration data returned from the ACDB loader...

7.8CVSS6.9AI score0.0002EPSS

Kitploit•added 2024/02/03 11:30 a.m.•24 views

Nemesis - An Offensive Data Enrichment Pipeline

Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data produced during offensive security assessments. Nemesis aims to automate a number of...

7.3AI score

Wallarm Lab•added 2024/01/30 1:58 p.m.•13 views

Kafka vs RabbitMQ

An Intro to Kafka and RabbitMQ: The Masters of Messaging In the realm of messaging systems, two names stand out: Kafka and RabbitMQ. These two powerhouses have become the go-to solutions for developers and organizations looking to handle high-volume, real-time data processing and messaging. But...