Lucene search
K

4 matches found

Snyk
Snyk
added 4 days ago4 views

Arbitrary Code Injection

Overview langroid is a Harness LLMs with Multi-Agent Programming Affected versions of this package are vulnerable to Arbitrary Code Injection in the eval process used by certain agent components when evaluating external input with fulleval=True. An attacker can execute arbitrary system commands b...

10CVSS6.2AI score
Exploits0References2
Cvelist
Cvelist
added 2025/11/07 8:35 p.m.6 views

CVE-2025-64481 Open redirect endpoint in Datasette

Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ the trailing slash is required will redirect the user to...

6.9CVSS0.00389EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/29 12:0 a.m.9 views

PT-2022-25363 · Unknown · Flipper Zero

Name of the Vulnerable Software and Affected Versions: Flipper Zero versions prior to 0.65.2 Description: A buffer overflow in the nfc device load mifare ul data component allows attackers to cause a Denial of Service DoS via a crafted NFC file. Recommendations: For versions prior to 0.65.2, upda...

5.5CVSS5.6AI score0.00339EPSS
Exploits1References6
OSV
OSV
added 2021/06/09 6:15 p.m.5 views

PYSEC-2021-100

FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery CSRF attack. I...

8.2CVSS7.2AI score0.00772EPSS
Exploits0References3
Rows per page
Query Builder