Lucene search
K

16 matches found

OSV
OSV
added 2025/11/04 7:17 p.m.5 views

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

5.3CVSS5.8AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.7 views

PT-2025-45034

Name of the Vulnerable Software and Affected Versions Salesforce Agentforce Vibes Extension versions prior to 3.2.0 Description An issue exists in Salesforce Agentforce Vibes Extension related to improper neutralization of input used for LLM prompting, potentially allowing manipulation of writabl...

5.3CVSS6.6AI score0.00216EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.39 views

PT-2025-45031

Name of the Vulnerable Software and Affected Versions Salesforce Mulesoft Anypoint Code Builder versions prior to 1.11.6 Description An issue exists in Salesforce Mulesoft Anypoint Code Builder related to improper neutralization of input used for LLM prompting, which allows manipulation of writab...

5.3CVSS6.7AI score0.00216EPSS
Exploits0References5
OSV
OSV
added 2025/10/27 3:15 a.m.3 views

UBUNTU-CVE-2025-12207

A vulnerability has been found in Kamailio 5.5. This affects the function yyerrorat of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may...

5.5CVSS5.1AI score0.00211EPSS
Exploits1References6
OSV
OSV
added 2025/10/27 3:15 a.m.2 views

UBUNTU-CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

5.5CVSS5.3AI score0.00219EPSS
Exploits1References6
OSV
OSV
added 2025/10/27 2:32 a.m.5 views

CVE-2025-12206 Kamailio rvalue.c rve_is_constant null pointer dereference

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

4.8CVSS5.3AI score0.00219EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-1370

Malware in sbrugna...

7.2CVSS6.1AI score0.00423EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6861

Malicious code in bioql PyPI...

5.7CVSS5.8AI score0.01231EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-29051

Malicious code in bioql PyPI...

6.6CVSS6.7AI score0.00698EPSS
Exploits0References3
OSV
OSV
added 2025/03/11 9:30 a.m.3 views

GHSA-5478-V2W6-C6Q7 Duplicate Advisory: Keras arbitrary code execution vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-48g7-3x6r-xfhp. This link is maintained to preserve external references. Original Description The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually...

7.3CVSS6.7AI score0.02803EPSS
Exploits3References5
Github Security Blog
Github Security Blog
added 2025/03/11 9:30 a.m.23 views

Duplicate Advisory: Keras arbitrary code execution vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-48g7-3x6r-xfhp. This link is maintained to preserve external references. Original Description The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually...

9.8CVSS7.5AI score0.02803EPSS
Exploits3References5Affected Software1
PyPA
PyPA
added 2025/03/11 9:15 a.m.11 views

PYSEC-2025-122

The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...

9.8CVSS6.7AI score0.02803EPSS
Exploits3References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/11 8:12 a.m.8 views

CVE-2025-1550 Arbitrary Code Execution via Crafted Keras Config for Model Loading

The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...

7.3CVSS7AI score0.02803EPSS
Exploits3References2
Debian CVE
Debian CVE
added 2025/03/11 8:12 a.m.6 views

CVE-2025-1550

The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...

9.8CVSS6.3AI score0.02803EPSS
Exploits3
OSV
OSV
added 2019/05/09 5:29 p.m.7 views

CVE-2017-12778

The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must change the...

7.1CVSS6.9AI score0.00478EPSS
Exploits1References3
exploitpack
exploitpack
added 2017/02/18 12:0 a.m.19 views

NETGEAR DGN2200v1v2v3v4 - ping.cgi Remote Command Execution

NETGEAR DGN2200v1v2v3v4 - ping.cgi Remote Command Execution !/usr/bin/python Provides access to default user account, privileges can be easily elevated by using either: - a kernel exploit ex. memodipper was tested and it worked - by executing /bin/bd suid backdoor present on SOME but not all...

0.2AI score
Exploits0
Rows per page
Query Builder