7 matches found

Snyk
added 2026/04/24 7:30 p.m., 9 views

Command Injection

Overview: @google/gemini-cli is a Gemini CLI. Affected versions of this package are vulnerable to Command Injection via the processing of untrusted workspace folders in headless mode and the handling of tool allowlisting under --yolo mode. An attacker can execute arbitrary code by submitting...

CVSS: 9.8, AI score: 6
Exploits: 0, References: 3

OSV
added 2025/12/12 12:0 a.m., 4 views

OPENSUSE-SU-2025:15817-1 buildpacks-cli-0.39.1-1.1 on GA media

These are all security issues fixed in the buildpacks-cli-0.39.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00459
Exploits: 2, References: 2

RedhatCVE
added 2025/03/22 12:41 p.m., 11 views

CVE-2025-0187

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...

CVSS: 7.5, AI score: 7, EPSS: 0.00681
Exploits: 1, References: 1

CNNVD
added 2025/03/20 12:0 a.m., 4 views

Gradio Resource Management Error Vulnerability

Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A resource management error vulnerability exists in Gradio version 0.39.1, which stems from the file upload function mishandling form-data with...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00681
Exploits: 1, References: 1

OSV
added 2024/04/29 6:15 a.m., 19 views

CVE-2024-33904

In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...

CVSS: 7, AI score: 7.2
Exploits: 0, References: 3

CNNVD
added 2024/04/29 12:0 a.m., 5 views

Hyprland Security Vulnerability

Hyprland is a wlroots-based dynamic tiling Wayland composition application open-sourced by Hypr Development. A security vulnerability exists in Hyprland version 0.39.1 and earlier versions. An attacker could exploit this vulnerability to execute arbitrary assembly code by writing predictable...

CVSS: 7, AI score: 7.4, EPSS: 0.00181
Exploits: 0, References: 4

Positive Technologies
added 2024/04/28 12:0 a.m., 7 views

PT-2024-25539

Name of the Vulnerable Software and Affected Versions: Hyprland versions through 0.39.1. Description: A local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file through a race condition in plugins/HookSystem.cpp. This issue allows for the execution of...

CVSS: 7, AI score: 6.1, EPSS: 0.00181
Exploits: 0, References: 9