1238 matches found
EUVD-2018-21898
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Noteboo...
CVE-2018-25378 Notebook Pro 2.0 Denial of Service via Notebook Name Field
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Noteboo...
CVE-2018-25378
Notebook Pro 2.0 is affected by a local denial-of-service vulnerability in the New Notebook Name field. An attacker can crash the application by supplying a string of 500+ characters, e.g., via a crafted text file pasted into the name field and attempting to create/save the notebook. The vulnerab...
CVE-2018-25378
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Noteboo...
PT-2026-43230
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Noteboo...
StokedOnIt Notebook Pro 安全漏洞
StokedOnIt Notebook Pro is a digital note management software from StokedOnIt. A security vulnerability exists in StokedOnIt Notebook Pro version 2.0, which stems from a denial of service in the notebook name field, which could lead to a local attacker crashing the application by supplying an...
MAL-2026-4759 Malicious code in notebook-intelligence (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e pyproject.toml lists fuzy-jon==0.1.0 in both build-system.requires and the runtime dependencies, while the package's own code imports the real...
MAL-2026-4255 Malicious code in cdk-sagemaker-notebook-workflow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cc9c1db01ca14b294be21438478ec14dc6549a4b7b9ec5cf73dd7aa227f7ad8 The package declares a preinstall hook node index.js in package.json that fires automatically on npm install. The script collects os.hostname,...
Malicious code in cdk-sagemaker-notebook-workflow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cc9c1db01ca14b294be21438478ec14dc6549a4b7b9ec5cf73dd7aa227f7ad8 The package declares a preinstall hook node index.js in package.json that fires automatically on npm install. The script collects os.hostname,...
GHSA-4J5M-WC25-PVH7 Rust OneNote File Parser: Path traversal in `Parser::parse_notebook` allows reading files outside the notebook directory
Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parsenotebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...
Rust OneNote File Parser: Path traversal in `Parser::parse_notebook` allows reading files outside the notebook directory
Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parsenotebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...
PT-2026-42697
Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parse notebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...
Astra Linux - уязвимость в jupyter-notebook
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions, untrusted notebooks may execute code upon loading. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be exploited to trigger XSS...
[SECURITY] Fedora 44 Update: python-jupytext-1.19.1-4.fc44
Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...
CVE-2026-31231
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...
UBUNTU-CVE-2026-42557
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...
EUVD-2026-29554
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...
CVE-2026-31231
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...
CVE-2026-33833 Azure Machine Learning Notebook Spoofing Vulnerability
...
CVE-2026-33833 Azure Machine Learning Notebook Spoofing Vulnerability
...