CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

634 matches found

Tenable Nessus•added 2025/11/20 12:0 a.m.•7 views

TencentOS Server 3: python38 and python38-devel (TSSA-2023:0112)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0112 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.9AI score0.03072EPSS

Exploits1References4

CVE•added 2025/11/18 4:57 p.m.•9 views

CVE-2025-33183

CVE-2025-33183 affects NVIDIA Isaac-GR00T across platforms via a Python-component code injection vulnerability. The issue stems from TorchSerializer deserialization of untrusted data, enabling potential code execution, privilege escalation, information disclosure, and data tampering. Connected so...

7.8CVSS7AI score0.00423EPSS

Exploits0References3

Vulnrichment•added 2025/11/18 12:0 a.m.•1 views

CVE-2025-63604

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...

8.3AI score0.00306EPSS

Exploits1References1

CVE•added 2025/11/18 12:0 a.m.•9 views

CVE-2025-63603

MCP Data Science Server 0.1.6 (reading-plus-ai/mcp-server-data-exploration) contains a command injection in safe_eval() (src/mcp_server_ds/server.py:108) where exec() runs user scripts without restricting builtins in globals. This allows execution of arbitrary Python code with full system privile...

6.5CVSS8AI score0.00778EPSS

Exploits1References1Affected Software1

OpenVAS•added 2025/11/03 12:0 a.m.•2 views

Python DoS Vulnerability (Oct 2025) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

5.5CVSS6.7AI score0.00121EPSS

Exploits0References9

AstraLinux•added 2025/11/01 10:54 a.m.•2 views

Astra Linux – Vulnerability in Python 3.11

There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler, your usage is not affected. To work around this issue, you can stop using the error handling mechanism and instead wrap the...

5.9CVSS6.1AI score0.00169EPSS

Exploits0References3

Snyk•added 2025/10/31 4:41 p.m.•2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the os.path.expandvars function. An attacker can cause significant performance degradation and increased CPU utilization by supplying crafted input containing repetitive or nested...

5.5CVSS6.4AI score0.00121EPSS

Exploits0References2

Packet Storm News•added 2025/10/29 12:0 a.m.•5 views

Security Vulnerabilities in AI-Generated Code: A Large-Scale Analysis of Public GitHub Repositories

This paper presents a comprehensive empirical analysis of security vulnerabilities in AI-generated code across public GitHub repositories. We collected and analyzed 7,703 files explicitly attributed to four major AI tools: ChatGPT 91.52%, GitHub Copilot 7.50%, Amazon CodeWhisperer 0.52%, and...

7.1AI score

Exploits0

F5 Networks•added 2025/10/23 8:51 p.m.•11 views

K000157114: cPython vulnerability CVE-2025-4517

Security Advisory Description Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter...

9.4CVSS7.5AI score0.01184EPSS

Exploits11