Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0801

Malicious code in bioql PyPI...

7.4CVSS7.3AI score0.00334EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/02/05 8:6 a.m.5 views

CVE-2024-29189

PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/productinstance.py, upon calling this method startprogram directly, users could exploit its usage to perform malicious operations on the current...

7.4CVSS7.2AI score0.00334EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/26 2:50 a.m.9 views

CVE-2024-29189 ansys-geometry-core OS Command Injection vulnerability

PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/productinstance.py, upon calling this method startprogram directly, users could exploit its usage to perform malicious operations on the current...

7.4CVSS6.9AI score0.00334EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/03/26 2:50 a.m.15 views

CVE-2024-29189 ansys-geometry-core OS Command Injection vulnerability

PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/productinstance.py, upon calling this method startprogram directly, users could exploit its usage to perform malicious operations on the current...

7.4CVSS7.5AI score0.00334EPSS
Exploits1References7
CVE
CVE
added 2024/03/26 2:50 a.m.66 views

CVE-2024-29189

CVE-2024-29189 affects the PyAnsys Geometry library (ansys-geometry-core) and specifically the internal _start_program routine in src/ansys/geometry/core/connection/product_instance.py. The vulnerability arises from invoking subprocess.Popen with a shell context (shell flag enables shell executio...

7.8CVSS7.2AI score0.00334EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/25 7:37 p.m.16 views

ansys-geometry-core OS Command Injection vulnerability

subprocess call with shell=True identified, security issue. Code On file src/ansys/geometry/core/connection/productinstance.py: 403 def startprogramargs: Liststr, localenv: Dictstr, str - subprocess.Popen: 404 """ 405 Start the program where the path is the first item of the args array argument...

7.8CVSS7.1AI score0.00334EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder