28 matches found

Positive Technologies
added 2026/05/12 12:00 a.m. · 15 views

PT-2026-40059

Name of the Vulnerable Software and Affected Versions: PySyft Syft Datasite/Server versions prior to 0.9.6 Description: Insufficient validation and sandboxing of user-submitted code allow remote code execution. Low-privileged users can submit Python functions via @sy.syft_function for remote...

9.8 CVSS · 6.5 AI score · 0.00631 EPSS
Exploits 0 · References 7

NVD
added 2026/04/23 8:16 p.m. · 5 views

CVE-2026-41264

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSVAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. An attacker can...

9.8 CVSS · 0.00529 EPSS
Exploits 1 · References 1

NVD
added 2026/04/23 8:16 p.m. · 4 views

CVE-2026-41265

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the AirtableAgents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt...

9.8 CVSS · 0.00464 EPSS
Exploits 1 · References 1

CVE
added 2026/04/23 7:58 p.m. · 72 views

CVE-2026-41265

CVE-2026-41265 affects Flowise with the Airtable_Agents class, where the run method evaluates an LLM-generated Python script without proper sandboxing. This allows prompt-injection via chatflows to coax the LLM into returning a malicious Python script that executes attacker-controlled commands on...

9.8 CVSS · 5.8 AI score · 0.00464 EPSS
Exploits 1 · References 1 · Affected Software 1

CVE
added 2025/12/05 9:27 p.m. · 15 views

CVE-2025-13426

CVE-2025-13426 affects Google Apigee’s JavaCallout policy. A crafted JavaCallout could inject a malicious object into the MessageContext to execute arbitrary Java code and system commands at runtime, enabling unauthorized data access and lateral movement. Public disclosures in the initial documen...

8.7 CVSS · 7.8 AI score · 0.00387 EPSS
Exploits 0 · References 1

OSV
added 2025/11/25 6:12 p.m. · 3 views

GO-2025-4147 Minder does not sandbox http.send in Rego programs in github.com/mindersec/minder

Minder does not sandbox http.send in Rego programs in github.com/mindersec/minder...

8.5 CVSS · 7 AI score · 0.00244 EPSS
Exploits 0 · References 2

CNNVD
added 2025/11/04 12:00 a.m. · 5 views

Apple Multiple Products Security Vulnerability

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system developed for Mac computers. Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products...

7.5 CVSS · 6 AI score · 0.00547 EPSS
Exploits 0 · References 7

Tenable Nessus
added 2025/08/27 12:00 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-23166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and write local files on...

8.7 CVSS · 7.3 AI score · 0.00644 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/08/26 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-29396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated...

9.9 CVSS · 7.6 AI score · 0.03239 EPSS
Exploits 0 · References 2

CNNVD
added 2023/09/27 12:00 a.m. · 3 views

HimitZH HOJ Security Breach

HimitZH HOJ is an online review system for HimitZH individual developers. A security vulnerability exists in HimitZH HOJ version 4.6-9a65e3f, which stems from an unknown handler in the component Topic Handler, resulting in a sandboxing issue...

9.9 CVSS · 6.8 AI score · 0.00891 EPSS
Exploits 1 · References 4

OSV
added 2023/04/25 7:15 p.m. · 1 view

DEBIAN-CVE-2021-23186

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system...

8.7 CVSS · 7.9 AI score · 0.00644 EPSS
Exploits 0 · References 1

OSV
added 2023/04/25 7:15 p.m. · 4 views

CVE-2021-44547

A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to execute arbitrary code, leading to privilege escalation...

9.1 CVSS · 5.9 AI score · 0.00695 EPSS
Exploits 0 · References 1

OSV
added 2023/04/25 7:15 p.m. · 2 views

DEBIAN-CVE-2021-44476

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read local files on the server, including sensitive configuration files...

6.8 CVSS · 7 AI score · 0.00481 EPSS
Exploits 0 · References 1

OSV
added 2023/04/25 7:15 p.m. · 1 view

UBUNTU-CVE-2021-44547

A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to execute arbitrary code, leading to privilege escalation...

9.1 CVSS · 7.4 AI score · 0.00695 EPSS
Exploits 0 · References 3

Positive Technologies
added 2023/04/25 12:00 a.m. · 2 views

PT-2023-12047 · Odoo · Odoo Community +1

Name of the Vulnerable Software and Affected Versions: Odoo Community versions 15.0 and earlier Odoo Enterprise versions 15.0 and earlier Description: A sandboxing issue allows authenticated administrators to access and modify database contents of other tenants in a multi-tenant system...

8.7 CVSS · 6.1 AI score · 0.0141 EPSS
Exploits 0 · References 27

Positive Technologies
added 2023/04/25 12:00 a.m. · 2 views

PT-2023-12043 · Odoo · Odoo Community +1

Name of the Vulnerable Software and Affected Versions: Odoo Community versions 15.0 and earlier Odoo Enterprise versions 15.0 and earlier Description: A sandboxing issue allows authenticated administrators to read and write local files on the server. Recommendations: For Odoo Community versions...

8.7 CVSS · 6.1 AI score · 0.0141 EPSS
Exploits 0 · References 28

Positive Technologies
added 2023/04/25 12:00 a.m. · 3 views

PT-2023-12548 · Odoo · Odoo Community +1

Name of the Vulnerable Software and Affected Versions: Odoo Community versions 15.0 and earlier Odoo Enterprise versions 15.0 and earlier Description: A sandboxing issue allows authenticated administrators to read local files on the server, including sensitive configuration files. Recommendations...

8.7 CVSS · 6 AI score · 0.0141 EPSS
Exploits 0 · References 28

RedHat Linux
added 2022/06/04 1:12 a.m. · 187 views

postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or no...

8.8 CVSS · 7.1 AI score · 0.11726 EPSS
Exploits 0 · References 6

RedHat Linux
added 2022/05/30 8:18 a.m. · 91 views

postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or no...

8.8 CVSS · 7.1 AI score · 0.11726 EPSS
Exploits 0 · References 6

CNNVD
added 2021/11/02 12:00 a.m. · 4 views

Mozilla Firefox Security Feature Problem Vulnerability

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature problem in which iframe sandboxing rules are not properly applied to XSLT style sheets and an attacker can use the vulnerability to bypass implemented security restrictio...

10 CVSS · 5.7 AI score · 0.0383 EPSS
Exploits 0 · References 37