Lucene search
K

509 matches found

PyPA
PyPA
added 2025/12/23 9:15 p.m.11 views

PYSEC-2025-215

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/23 9:15 p.m.4 views

CVE-2025-14921

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS0.00262EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 9:15 p.m.4 views

CVE-2025-14924

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS0.00262EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/12/23 9:15 p.m.5 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +2034 more potentially affected by CVE-2025-14926 via transformers (>=2.10.0 <=4.57.0)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-14926 Source advisory: OSV:PYSEC-2025-214...

7.8CVSS7AI score0.00278EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/23 9:15 p.m.5 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1952 more potentially affected by CVE-2025-14924 via transformers (>=2.10.0 <=4.55.0)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-14924 Source advisory: OSV:PYSEC-2025-213...

7.8CVSS7AI score0.00262EPSS
Exploits0
OSV
OSV
added 2025/12/23 9:15 p.m.7 views

PYSEC-2025-211

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability ...

7.8CVSS6.2AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:15 p.m.8 views

PYSEC-2025-215

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/12/23 9:15 p.m.5 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1951 more potentially affected by CVE-2025-14921 via transformers (>=2.10.0 <=4.54.1)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-14921 Source advisory: OSV:PYSEC-2025-212...

7.8CVSS7AI score0.00262EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/23 9:15 p.m.4 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1951 more potentially affected by CVE-2025-14920 via transformers (>=2.10.0 <=4.54.1)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-14920 Source advisory: OSV:PYSEC-2025-211...

7.8CVSS7AI score0.00262EPSS
Exploits0
OSV
OSV
added 2025/12/23 9:15 p.m.3 views

PYSEC-2025-214

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:15 p.m.5 views

PYSEC-2025-213

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS6.2AI score0.00262EPSS
Exploits0References1
PyPA
PyPA
added 2025/12/23 9:15 p.m.9 views

PYSEC-2025-211

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability ...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2025/12/23 9:15 p.m.9 views

PYSEC-2025-212

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/23 9:15 p.m.9 views

CVE-2025-14920

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability ...

7.8CVSS0.00262EPSS
Exploits0References1
PyPA
PyPA
added 2025/12/23 9:15 p.m.18 views

PYSEC-2025-213

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/12/23 9:15 p.m.9 views

CVE-2025-14926

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

7.8CVSS0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.27 views

CVE-2025-14930 Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.5 views

CVE-2025-14930 Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.3 views

CVE-2025-14930 Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.3AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:4 p.m.26 views

CVE-2025-14930

CVE-2025-14930 affects Hugging Face Transformers GLM4: the vulnerability is in the weight parsing/ deserialization of untrusted data, allowing arbitrary code execution in the current user context when a user processes a malicious GLM4 model or file. Root cause: insufficient validation during pars...

7.8CVSS7.9AI score0.00262EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder