Lucene search
+L

86 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2938

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00506EPSS
Exploits0References7
cve
cve
added 2025/07/15 8:43 p.m.34 views

CVE-2025-49841

GPT-SoVITS-WebUI is affected by unsafe deserialization in process_ckpt.py. User input (sovits_path) is passed to torch.load in load_sovits_new, enabling arbitrary code execution. Affected versions: 20250228v3 and prior. At publication, no patched versions are available. No exploitation details ar...

9.8CVSS6.5AI score0.00639EPSS
Exploits1References4Affected Software1
cnnvd
cnnvd
added 2025/07/10 12:0 a.m.4 views

Emerson ValveLink 输入验证错误漏洞

Emerson ValveLink is a suite of digital valve configuration and diagnostic software from Emerson Electric USA. An input validation error vulnerability exists in Emerson ValveLink that stems from failure to properly validate input data, which could lead to unsafe data handling...

5.9CVSS6.5AI score0.00163EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 7:8 p.m.9 views

CVE-2021-3262

TripSpark VEO Transportation-2.2.x-XPBB-20201123-184084 NovusEDU-2.2.x-XPBB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the "Student Busing Information" search queri...

9.8CVSS7.7AI score0.01013EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 6:13 a.m.8 views

CVE-2017-1002157

modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution...

9.8CVSS7.4AI score0.028EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 4:20 a.m.9 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

8.8CVSS7.7AI score0.11659EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 4:20 a.m.9 views

CVE-2019-1295

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296...

8.8CVSS7.7AI score0.11659EPSS
Exploits0References1
cnvd
cnvd
added 2025/05/22 12:0 a.m.5 views

Employee Record System current_employees.php file cross-site scripting vulnerability

Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...

5.4CVSS4.4AI score0.00285EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/04/01 12:0 a.m.8 views

Welcart e-Commerce 代码问题漏洞

Welcart e-Commerce is a free e-commerce plugin for WordPress from Welcart Japan. A code issue vulnerability exists in Welcart e-Commerce version 2.11.6 and earlier, which stems from untrustworthy data deserialization and could lead to the execution of arbitrary code by a remote, unauthenticated...

8.8CVSS6.9AI score0.0043EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/01/07 12:0 a.m.8 views

WordPress plugin Education LMS 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Education LMS version 0.0.7 and previous versions exist cross-site scripting...

6.5CVSS6.3AI score0.00292EPSS
Exploits0References2
veracode
veracode
added 2024/09/13 6:13 a.m.11 views

Deserialization Attack

MindsDB is vulnerable to Deserialization Attack. The vulnerability is due to unsafe deserialization of untrusted data, where the system fails to properly validate or sanitize the data before processing it, allowing malicious code to be executed when interacting with the deserialized model...

8.8CVSS6.9AI score0.0068EPSS
Exploits1References4Affected Software1
cnnvd
cnnvd
added 2024/08/17 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of sprintf leading to unsafe data handling...

7.8CVSS6.8AI score0.00234EPSS
Exploits0References5
osv
osv
added 2024/08/12 3:7 p.m.31 views

CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor

llama.cpp provides LLM inference in C/C++. The unsafe data pointer member in the rpctensor structure can cause arbitrary address writing. This vulnerability is fixed in b3561...

10CVSS8.4AI score0.02628EPSS
Exploits1References4
cve
cve
added 2024/08/12 3:5 p.m.83 views

CVE-2024-42478

CVE-2024-42478 concerns llama.cpp where an unsafe data pointer in the rpc_tensor structure can lead to arbitrary address reads. Several sources concur this is a code-level issue; the public CVE description states the vulnerability is fixed in b3561. Some connected advisories also advise upgrading...

9.8CVSS5.3AI score0.00603EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2024/08/12 12:0 a.m.3 views

PT-2024-29975 · Llama.Cpp · Llama.Cpp

Name of the Vulnerable Software and Affected Versions: llama.cpp versions prior to b3561 Description: The issue is related to the rpc tensor structure in llama.cpp, which provides LLM inference in C/C++. The unsafe data pointer member can cause arbitrary address writing, potentially leading to...

10CVSS7.9AI score0.02628EPSS
Exploits1References40
osv
osv
added 2024/03/06 10:57 a.m.30 views

BIT-MOODLE-2023-5547 Moodle: xss risk when previewing data in course upload tool

The course upload preview contained an XSS risk for users uploading unsafe data...

6.1CVSS6.1AI score0.00506EPSS
Exploits0References4
github
github
added 2023/11/09 9:30 p.m.29 views

Moodle Cross-site Scripting vulnerability

The course upload preview contained an XSS risk for users uploading unsafe data...

6.1CVSS6.2AI score0.00506EPSS
Exploits0References7Affected Software1
osv
osv
added 2023/11/09 9:30 p.m.33 views

GHSA-9GQP-3G28-W9XC Moodle Cross-site Scripting vulnerability

The course upload preview contained an XSS risk for users uploading unsafe data...

6.1CVSS6.1AI score0.00506EPSS
Exploits0References7
attackerkb
attackerkb
added 2023/11/09 8:15 p.m.3 views

CVE-2023-5547

The course upload preview contained an XSS risk for users uploading unsafe data...

6.1CVSS5.8AI score0.00506EPSS
Exploits0References4
nvd
nvd
added 2023/11/09 8:15 p.m.16 views

CVE-2023-5547

The course upload preview contained an XSS risk for users uploading unsafe data...

6.1CVSS0.00506EPSS
Exploits0References3
Rows per page
Query Builder