CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7047 matches found

CNNVD•added 2023/11/28 12:0 a.m.•5 views

Chamilo LMS Security Vulnerability

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS v1.11.24 and prior versions,...

8.8CVSS6.9AI score0.02433EPSS

Exploits6References5

CNNVD•added 2023/11/28 12:0 a.m.•2 views

Chamilo LMS Security Vulnerability

8.1CVSS6.9AI score0.76084EPSS

Exploits27References5

CNNVD•added 2023/11/28 12:0 a.m.•3 views

Chamilo LMS Security Vulnerability

9.8CVSS7.3AI score0.68897EPSS

Exploits1References4

Positive Technologies•added 2023/11/28 12:0 a.m.•3 views

PT-2023-28292 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.24 Description: The issue allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell, specifically through the big file upload...

8.1CVSS9.1AI score0.76084EPSS

Exploits27References13

CNNVD•added 2023/11/28 12:0 a.m.•4 views

Chamilo LMS Security Vulnerability

8.8CVSS7AI score0.02433EPSS

Exploits6References6

CNNVD•added 2023/11/28 12:0 a.m.•5 views

Chamilo LMS Security Vulnerability

8.8CVSS7AI score0.02433EPSS

Exploits6References5

Positive Technologies•added 2023/11/28 12:0 a.m.•3 views

PT-2023-28301 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.24 Description: The issue allows authenticated attackers with a learner role to achieve remote code execution. This is possible due to an unrestricted file upload in the /main/inc/ajax/work.ajax.php endpoint...

8.8CVSS9.1AI score0.02433EPSS

Exploits6References9

The Hacker News•added 2023/11/27 6:55 a.m.•26 views

U.S., U.K., and Global Partners Release Secure AI System Development Guidelines

The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial intelligence AI systems. "The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, an...

7.8AI score

Exploits0

CNVD•added 2023/11/22 12:0 a.m.•18 views

Apache Submarine Deserialization Vulnerability

Apache Submarine is a cloud-native machine learning platform from the Apache USA Foundation. Apache Submarine suffers from a deserialization vulnerability that stems from unsafe deserialization processing by snakeyaml when receiving serialized data submitted by a user, which can be exploited by a...

9.8CVSS7.2AI score0.01747EPSS

Exploits1References1

CNNVD•added 2023/11/16 12:0 a.m.•2 views

H2O Security Breach

H2O is an in-memory platform for distributed, scalable machine learning. H2O suffers from a security vulnerability that stems from allowing an unauthenticated attacker to read any file on the server where the H2O dashboard resides...

9.3CVSS6.8AI score0.0434EPSS

Exploits1References2

CNNVD•added 2023/11/16 12:0 a.m.•2 views

H2O Security Breach

H2O is an in-memory platform for distributed, scalable machine learning. H2O suffers from a security vulnerability that stems from allowing an unauthorized attacker to access the S3 bucket and execute remote code...

8.7CVSS7AI score0.00855EPSS

Exploits1References2

CNNVD•added 2023/11/16 12:0 a.m.•3 views

H2O Security Breach

H2O is an in-memory platform for distributed, scalable machine learning. H2O suffers from a security vulnerability that stems from allowing an attacker to execute remote code via the POJO model import function...

10CVSS7.8AI score0.30567EPSS

Exploits1References2

CNNVD•added 2023/11/16 12:0 a.m.•4 views

H2O Security Breach

H2O is an in-memory platform for distributed, scalable machine learning. H2O has a security vulnerability that stems from the presence of a stored cross-site scripting XSS vulnerability. An attacker can exploit the vulnerability to cause a local file inclusion...

9.3CVSS5.7AI score0.00749EPSS

Exploits1References2

CNNVD•added 2023/11/15 12:0 a.m.•2 views

WordPress plugin Namaste! LMS Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS6.2AI score0.00667EPSS

Exploits1References4

BDU FSTEC•added 2023/11/15 12:0 a.m.•2 views

The vulnerability of the software for working with Azure Machine Learning algorithms lies in the lack of protection for operational data, which allows an attacker to gain unauthorized access to protected information.

The vulnerability of the software for working with Azure Machine Learning algorithms is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

6.8CVSS6.8AI score0.03115EPSS

Exploits0References3Affected Software1

NVD•added 2023/11/14 9:15 p.m.•19 views

CVE-2023-47631

vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. In affected versions a node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a...

8.8CVSS0.00446EPSS

Exploits0References3