EUVD-2025-22354
Malicious code in bioql PyPI...
EUVD-2022-32384
Malicious code in bioql PyPI...
EUVD-2024-0105
Malicious code in bioql PyPI...
EUVD-2024-54799
Malicious code in bioql PyPI...
EUVD-2023-0249
Malicious code in bioql PyPI...
EUVD-2024-54360
Malicious code in bioql PyPI...
EUVD-2025-12263
Malicious code in bioql PyPI...
EUVD-2025-24605
Malicious code in bioql PyPI...
EUVD-2024-2786
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-50636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyMOL 2.5.0 contains a vulnerability in its Run Script function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can...
CVE-2025-23296
NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
Linux Distros Unpatched Vulnerability : CVE-2024-39835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys...
EulerOS 2.0 SP11 : python-jinja2 (EulerOS-SA-2025-1966)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filte...
CVE-2025-23295
NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...
Wazuh Server Remote Code Execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and...
Linux Distros Unpatched Vulnerability : CVE-2024-39289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. T...
Arbitrary Code Injection
letta is vulnerable to Arbitrary Code Injection. The vulnerability is due to insufficient enforcement of execution restrictions in the /v1/tools/run endpoint, allowing crafted payloads to bypass protections and execute arbitrary Python code or system commands...
CVE-2025-5120
A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution (RCE). The vulnerability stems from the local_python_executor.py module, which inadequately restricts Python code...
Cross-Site Scripting (XSS)
aim is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the lack of sanitization or sandboxing in the /api/reports endpoint, which allows an attacker to execute arbitrary JavaScript in victims' browsers through malicious Python code interpreted by pyodide.code.run_js when the...