Lucene search
K

7 matches found

Snyk
Snyk
added 2026/03/07 2:37 a.m.4 views

Improper Authentication

Overview @x402/svm is a x402 Payment Protocol SVM Implementation Affected versions of this package are vulnerable to Improper Authentication in facilitator payment processing on Solana. An attacker can interfere with or manipulate payment transactions by exploiting a race condition. Remediation...

6CVSS5.8AI score
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/03/03 4:4 p.m.3 views

CVE-2024-55532

Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version 2.6.0. Users are recommended to upgrade to version 2.6.0, which fixes this issue...

9.8CVSS7.2AI score0.00723EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.4 views

PT-2024-14509 · Unknown · Paddlepaddle

Name of the Vulnerable Software and Affected Versions: PaddlePaddle versions prior to 2.6.0 Description: The issue is related to a nullptr in paddle.nextafter in PaddlePaddle, which can cause a runtime crash and a denial of service. Recommendations: For versions prior to 2.6.0, update to version...

7.5CVSS7.3AI score0.00541EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.4 views

PT-2023-4783 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.6.0 Description: The issue is related to the "Run Task" feature in Apache Airflow, which allows an authenticated user to bypass some restrictions and execute code in the webserver context, as well as access...

9CVSS7AI score0.0236EPSS
Exploits0References18
OSV
OSV
added 2022/09/05 9:15 a.m.3 views

DEBIAN-CVE-2022-3008

The tinygltf library uses the C library function wordexp to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could craft an untrusted path input that would result in a path expansion. W...

8.8CVSS8AI score0.0279EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/08/12 12:0 a.m.4 views

PT-2021-21793 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow version 2.5.1 TensorFlow version 2.4.3 TensorFlow version 2.3.4 Description: The issue is related to a division by 0 vulnerability in most implementations of convolution operators in TensorFlow,...

9.3CVSS5.4AI score0.00451EPSS
Exploits5References86
PyPA
PyPA
added 2021/03/08 9:15 p.m.8 views

PYSEC-2021-44

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

6.5CVSS6.5AI score0.01505EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder