Lucene search
K

7 matches found

Snyk
Snyk
added 2026/05/04 6:26 p.m.10 views

Memory Allocation with Excessive Size Value

Overview org.apache.opennlp:opennlp-tools is an is a machine learning based toolkit for the processing of natural language text. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the AbstractModelReader class. An attacker can cause the application ...

8.7CVSS5.8AI score0.00627EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/05 2:59 p.m.5 views

EUVD-2026-0750

MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation...

7.5CVSS6.1AI score0.0055EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/01/02 8:47 p.m.4 views

CVE-2026-21452

MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...

7.5CVSS7.8AI score0.0055EPSS
Exploits1
OSV
OSV
added 2025/12/23 9:15 p.m.4 views

PYSEC-2025-212

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.6 views

CVE-2021-41127

Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model tar.gz file which allows a malicious actor to craft a model.tar.gz file which can overwrite or replace bot...

7.3CVSS6.6AI score0.00734EPSS
Exploits0
Veracode
Veracode
added 2025/04/25 9:26 a.m.10 views

Remote Code Execution (RCE)

PyTorch is vulnerable to Remote Command Execution RCE. The vulnerability is due to unsafe deserialization due to the use of torch.loadweightsonly=True on untrusted model files, allowing an attacker to execute arbitrary code by supplying a maliciously crafted model...

9.8CVSS7.8AI score0.01878EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2024/11/22 10:15 p.m.10 views

PYSEC-2024-229

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

8.8CVSS7.7AI score0.02415EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder