12339 matches found
CVE-2025-25291
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 20:07:18+00:00 | seen | https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/ |
| 2025-03-12 20:42:37+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7376 |
| 2025-03-13... | | |
CVE-2025-25292
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 20:07:18+00:00 | seen | https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/ |
| 2025-03-12 21:40:48+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7388 |
| 2025-03-13... | | |
CVE-2025-27407
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 19:21:15+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114151081494165899 |
| 2025-03-12 19:40:19+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lk7dk2t5tv2u |
| 2025-03-12 19:41:15+00:00 | published-proof-of-concept | ... |
CVE-2025-27407 Remote code execution when loading a crafted GraphQL schema
graphql-ruby is a Ruby implementation of GraphQL. Starting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in GraphQL::Schema.from_introspection or GraphQL::Schema::Loader.load can result in remote code...
CVE-2025-29891
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 15:58:16+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114150283427551221 |
| 2025-03-12 16:03:09+00:00 | seen | https://cyberplace.social/users/GossiTheDog/statuses/114150301427230872 |
| 2025-03-12 16:07:40+00:00 | seen | ... |
CVE-2025-1960
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 15:40:49+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7320 |
| 2025-03-12 16:40:24+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lk6zie2nfz2o |
| 2025-03-12 17:48:29+00:00 | seen | ... |
CVE-2024-13871
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 12:40:19+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lk6m32ne7q2s |
| 2025-03-12 12:56:45+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114149569646900003 |
| 2025-03-12 16:15:20+00:00 | seen | ... |
CVE-2025-24799
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 10:58:14+00:00 | seen | https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lk6geieskt2j |
| 2025-03-12 11:30:36+00:00 | seen | https://bsky.app/profile/buherator.bsky.social/post/3lk6i6evc3a2c |
| 2025-03-12 12:09:32+00:00 | seen | ... |
CVE-2025-27158
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-12 04:42:56+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7269 |
| 2025-03-12 12:30:11+00:00 | seen | https://infosec.place/objects/e904452e-f676-4343-8b59-5e4dcb8c51b9 |
| 2025-03-12 12:46:17+00:00 | seen | ... |
graphql allows remote code execution when loading a crafted GraphQL schema
Loading a malicious schema definition in GraphQL::Schema.from_introspection or GraphQL::Schema::Loader.load can result in remote code execution. Any system which loads a schema by JSON from an untrusted source is vulnerable, including those that use GraphQL::Client to load external schemas via...
CVE-2025-27164
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 21:49:16+00:00 | seen | https://t.me/cvedetector/20141 |
| 2025-03-12 04:43:00+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7271 |
| 2025-03-12 12:30:17+00:00 | seen | https://infosec.place/objects/85ea83b6-add3-4c0a-a7f9-7f03ea2f1413 |
| 2025-03-12... | | |
Arbitrary Code Execution via Crafted Keras Config for Model Loading
Impact: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their...
GHSA-48G7-3X6R-XFHP Arbitrary Code Execution via Crafted Keras Config for Model Loading
Impact: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their...
CVE-2025-24201
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 18:05:02+00:00 | seen | https://infosec.exchange/users/applsec/statuses/114145119556975721 |
| 2025-03-11 18:05:03+00:00 | seen | https://bsky.app/profile/applsec.bsky.social/post/3lk4nqsi5b32m |
| 2025-03-11 18:55:28+00:00 | seen | ... |
CVE-2024-54026
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 17:37:33+00:00 | seen | https://t.me/cvedetector/20090 |
| 2025-03-11 18:06:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lk4nsruchi2n |
| 2025-03-12 09:51:18+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0083... |
CVE-2025-26634
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 16:58:54+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114144859294392626 |
| 2025-03-11 18:42:12+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7200 |
| 2025-03-11 20:06:18+00:00 | seen | ... |
CVE-2025-24993
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 16:39:36+00:00 | seen | https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review |
| 2025-03-11 17:09:47+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114144902283889820 |
| 2025-03-11 17:39:51+00:00 | seen | ... |
CVE-2025-26631
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 16:39:36+00:00 | seen | https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review |
| 2025-03-11 17:44:07+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0079 |
| 2025-03-11 20:08:20+00:00 | seen | ... |
CVE-2025-24998
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-11 16:39:36+00:00 | seen | https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review |
| 2025-03-11 17:44:07+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0079 |
| 2025-03-11 20:06:21+00:00 | seen | ... |