18 matches found
EUVD-2025-29454
Malicious code in bioql PyPI...
EUVD-2025-29436
Malicious code in bioql PyPI...
EUVD-2025-29464
Malicious code in bioql PyPI...
EUVD-2025-29433
Malicious code in bioql PyPI...
EUVD-2025-29469
Malicious code in bioql PyPI...
EUVD-2025-29491
Malicious code in bioql PyPI...
EUVD-2025-29458
Malicious code in bioql PyPI...
Remote Code Execution (RCE)
picklescan is vulnerable to Remote Code Execution RCE. The vulnerability is due to the idlelib.run.Executive.runcode function executing arbitrary pickle files, which allows an attacker to run malicious code remotely...
GHSA-3GF5-CXQ9-W223 Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcode
Summary Using idlelib.pyshell.ModifiedInterpreter.runcode function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.pyshell.ModifiedInterpreter.runcod...
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand
Summary Using idlelib.pyshell.ModifiedInterpreter.runcommand function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
Picklescan is missing detection when calling built-in python idlelib.run.Executive.runcode
Summary Using idlelib.run.Executive.runcode function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.run.Executive.runcode function in reduce method...
GHSA-9XPH-J2H6-G47V Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity
Summary Using idlelib.calltip.getentity function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.calltip.getentity function in reduce method Then whe...
Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity
Summary Using idlelib.calltip.getentity function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.calltip.getentity function in reduce method Then whe...
GHSA-8R4J-24QV-FMQ9 Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip
Summary Using idlelib.calltip.Calltip.fetchtip, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.calltip.Calltip.fetchtip function in reduce method The...
Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip
Summary Using idlelib.calltip.Calltip.fetchtip, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.calltip.Calltip.fetchtip function in reduce method The...
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.fetch_completions
Summary Using idlelib.autocomplete.AutoComplete.fetchcompletions, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity
Summary Using idlelib.autocomplete.AutoComplete.getentity, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.autocomplete.AutoComplete.getentity functio...
Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem
Summary Using idlelib.debugobj.ObjectTreeItem.SetText, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.debugobj.ObjectTreeItem.SetText function in...