GHSA-5R2P-PJR8-7FH7 SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality

Summary This advisory addresses the use of the searchhub function within the SageMaker Python SDK's JumpStart search functionality. An actor with the ability to control query parameters passed to the searchhub function could potentially provide malformed input that causes the eval function to...

SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality

Summary This advisory addresses the use of the searchhub function within the SageMaker Python SDK's JumpStart search functionality. An actor with the ability to control query parameters passed to the searchhub function could potentially provide malformed input that causes the eval function to...

CVE-2019-25305

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...

CVE-2019-25305 JumpStart 0.6.0.0 - 'jswpbapi' Unquoted Service Path

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...

CVE-2019-25305 JumpStart 0.6.0.0 - 'jswpbapi' Unquoted Service Path

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...

CVE-2019-25305

CVE-2019-25305 affects JumpStart 0.6.0.0 and involves an unquoted service path vulnerability in the jswpbapi service that runs with LocalSystem privileges. The unquoted path containing spaces can be exploited to inject and execute malicious code with elevated system permissions. Multiple connecte...

Inforprograma JumpStart 代码问题漏洞

Inforprograma JumpStart is a software installation and configuration tool developed by Inforprograma in Portugal. Version 0.6.0.0 of Inforprograma JumpStart contains a code vulnerability. This vulnerability stems from the jswpbapi service having a service path that lacks quotation marks, which ma...

EUVD-2022-38671

Malicious code in bioql PyPI...

EUVD-2022-24385

Malicious code in bioql PyPI...

CVE-2022-1038

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software...

Microsoft Azure Arc Jumpstart Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure Arc Jumpstart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Azure Arc Jumpstart. When installed from the official...

CVE-2022-35798

Azure Arc Jumpstart Information Disclosure Vulnerability...

CVE-2022-35798

Azure Arc Jumpstart Information Disclosure Vulnerability...

Information disclosure

Azure Arc Jumpstart Information Disclosure Vulnerability...

CVE-2022-35798

CVE-2022-35798 concerns Azure Arc Jumpstart. In the connected PT-2022-4401 entry, the issue is described as an information-disclosure vulnerability through registration files, potentially allowing an attacker to gain unauthorized access to protected information. Exploitation details, affected ver...

CVE-2022-1038

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software...

Design/Logic Flaw

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software...

HP Jumpstart 安全漏洞

HP Jumpstart is a multi-stage pre-installed welcome program from Hewlett-Packard HP USA for various HP products. A security vulnerability exists in HP Jumpstart. An attacker could exploit the vulnerability to escalate privileges...

CVE-2022-1038

CVE-2022-1038 describes a potential privilege-escalation vulnerability in HP Jumpstart. The connected HP advisory indicates HP Jumpstart has been discontinued and replaced by the myHP software; HP recommends uninstalling Jumpstart and using myHP, with a Jumpstart Removal tool provided. Exploitati...

CVE-2022-1038

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software...