Lucene search
K

1260 matches found

RedhatCVE
RedhatCVE
added 2025/04/03 2:37 a.m.28 views

CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

7.8CVSS7.8AI score0.00779EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 12:0 a.m.65 views

CVE-2024-38392

Pexip Infinity Connect before 1.13.0 has an integrity/authenticity flaw: during resource loading it does not perform sufficient authenticity checks, allowing a remote attacker to cause the application to execute untrusted code. The CVE-2024-38392 entry notes a high-severity, network-exploitable i...

9.1CVSS7.2AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 12:0 a.m.14 views

CVE-2024-38392

Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of resources, and thus remote attackers can cause the application to run untrusted code...

0.00403EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 3:15 a.m.16 views

CVE-2025-3051

Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary cod...

6.5CVSS0.00364EPSS
Exploits0References3
NVD
NVD
added 2025/04/01 3:15 a.m.18 views

CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

6.5CVSS0.00365EPSS
Exploits0References3
OSV
OSV
added 2025/04/01 3:15 a.m.3 views

UBUNTU-CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

6.5CVSS5.8AI score0.00365EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/01 2:20 a.m.19 views

CVE-2025-3051 Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory

Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary cod...

0.00364EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/01 2:20 a.m.7 views

CVE-2025-3051 Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory

Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary cod...

7.2AI score0.00364EPSS
Exploits0References3
CVE
CVE
added 2025/04/01 2:20 a.m.69 views

CVE-2025-3051

CVE-2025-3051 / related Perl module issues involve an untrusted code inclusion vulnerability via the current working directory ('.') when loading code generated by Mite. Affected components include Linux::Statm::Tiny (pre-0.0701), Sub::HandlesVia (pre-0.050002), and Mite-generated code (before 0....

6.5CVSS6.6AI score0.00364EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/01 2:2 a.m.12 views

CVE-2025-30673 Sub::HandlesVia for Perl allows untrusted code to be included from the current working directory

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

7.2AI score0.00365EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/01 2:2 a.m.15 views

CVE-2025-30673 Sub::HandlesVia for Perl allows untrusted code to be included from the current working directory

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

0.00365EPSS
Exploits0References3
CVE
CVE
added 2025/04/01 2:2 a.m.59 views

CVE-2025-30673

CVE-2025-30673 concerns Sub::HandlesVia for Perl prior to 0.050002, where an attacker can place a malicious file in the current working directory and have it loaded instead of the intended file. The underlying issue is caused by Mite-generated code including the current working directory in @INC ...

6.5CVSS6.6AI score0.00365EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/01 2:2 a.m.19 views

CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

6.5CVSS5.4AI score0.00365EPSS
Exploits0
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

MetaCPAN Linux::Statm::Tiny 代码问题漏洞

MetaCPAN Linux::Statm::Tiny is a library from the MetaCPAN Foundation. A code issue vulnerability exists in MetaCPAN Linux::Statm::Tiny versions prior to 0.0701, which stems from untrusted code that may be loaded in the current working directory and could lead to the execution of arbitrary code...

6.5CVSS7.2AI score0.00364EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

MetaCPAN Sub::HandlesVia 代码问题漏洞

MetaCPAN Sub::HandlesVia is a library of the MetaCPAN Foundation. A code issue vulnerability exists in versions prior to MetaCPAN Sub::HandlesVia 0.050002 that stems from allowing untrusted code to be loaded from the current working directory, which could lead to the execution of arbitrary code...

6.5CVSS6.9AI score0.00365EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.7 views

PT-2025-14020 · Tobyink +2 · Sub::Handlesvia +1

CVE-2025-30673 - Perl Sub::HandlesVia Remote Code Execution Vulnerability CVE ID : CVE-2025-30673 Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago Description : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar ...

7.8CVSS8.3AI score0.00779EPSS
Exploits0References16
OSV
OSV
added 2025/03/27 2:15 p.m.2 views

UBUNTU-CVE-2025-27793

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...

5.3CVSS7.3AI score0.00477EPSS
Exploits0References6
Amazon
Amazon
added 2025/03/26 12:0 a.m.5 views

Medium: java-23-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

4.8CVSS7.3AI score0.01157EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/22 12:16 p.m.7 views

CVE-2024-10950

In binary-husky/gptacademic version = 3.83, the plugin CodeInterpreter is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. Th...

8.8CVSS8.4AI score0.01348EPSS
Exploits1References1
NVD
NVD
added 2025/03/20 10:15 a.m.4 views

CVE-2024-10954

In the manim plugin of binary-husky/gptacademic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code...

8.8CVSS0.01348EPSS
Exploits1References1
Rows per page
Query Builder