Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-53959

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.6 Description An authenticated attacker can perform a Server-Side Request Forgery SSRF, which occurs when a server is tricked into making requests to an unintended location. The issue exists because...

8.2CVSS6AI score0.00199EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-5598

Malware in sbrugna...

8.5CVSS6.4AI score0.0169EPSS
Exploits0References5
NVD
NVD
added 2025/08/25 3:15 p.m.4 views

CVE-2025-5302

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

8.6CVSS0.0026EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.5 views

PT-2025-34665

Name of the Vulnerable Software and Affected Versions: run-llama/llama index versions prior to 0.12.38 Description: A denial of service issue exists in the JSONReader component. The issue is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting i...

8.6CVSS7.2AI score0.0026EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.9 views

CVE-2024-31636

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machdreader.c component...

3.9CVSS6AI score0.00238EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/09/27 12:0 a.m.7 views

The vulnerability of the invesalius/reader/dicom.py component of the medical software used to create virtual reconstructions of human structures, InVesalius, allows a perpetrator to execute arbitrary code.

The vulnerability of the invesalius/reader/dicom.py component of the medical software for creating virtual reconstructions of human structures, InVesalius, is related to insufficient validation of the input data. Exploiting this vulnerability could allow an attacker, operating remotely, to execut...

9CVSS7.9AI score0.02655EPSS
Exploits5References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/25 6:15 p.m.2 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5CVSS5.7AI score0.01066EPSS
Exploits1References5
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.25 views

Platform Update Supplement for Windows Vista and for Windows Server 2008

Platform Update Supplement for Windows Vista and for Windows Server 2008 INTRODUCTION The Platform Update Supplement for Windows Vista and for Windows Server 2008 is available. This update provides fixes and improvements to graphics, media foundation and print functionality in Windows Vista Servi...

6.1AI score
Exploits0
Cvelist
Cvelist
added 2019/08/18 6:30 p.m.31 views

CVE-2019-15142

In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...

5.5AI score0.0185EPSS
Exploits1References14
CVE
CVE
added 2019/08/18 6:30 p.m.174 views

CVE-2019-15142

CVE-2019-15142 affects DjVuLibre 3.5.27 in the DJVU reader component. The vulnerability arises in DjVmDir.cpp (and related GString handling) where the code reads a DJVU file into a GTArray and then uses a UTF-8 string path, leading to a heap-based out-of-bounds read and a denial-of-service crash ...

5.5CVSS5.4AI score0.0185EPSS
Exploits1References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/03/02 12:0 a.m.5 views

The vulnerability of Safari browser and iOS operating system allows attackers to carry out UXSS attacks.

The vulnerability of the Safari Reader component in the Safari browser, operating system iOS, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out UXSS attacks using a specially crafted website...

2.6CVSS6.6AI score0.01011EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder