Lucene search
K

185 matches found

Prion
Prion
added 2023/03/30 10:15 a.m.19 views

Hardcoded credentials

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...

6.4CVSS9.6AI score0.00843EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/03/30 12:0 a.m.5 views

haystack 安全漏洞

haystack is an open source NLP framework for interacting with your data using Transformer models and LLMs GPT-4, ChatGPT, etc.. A security vulnerability exists in haystack versions prior to 0.1.30 that stems from the use of hard-coded constants...

9.8CVSS8.2AI score0.00843EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/03/30 12:0 a.m.5 views

PT-2023-17189

Name of the Vulnerable Software and Affected Versions deepset-ai/haystack versions prior to 0.1.30 deepset-ai/haystack version 1.15.0 and prior Description The issue is related to the use of hard-coded, security-relevant constants in the GitHub repository deepset-ai/haystack. A patch is available...

9.8CVSS7.3AI score0.00843EPSS
Exploits1References13
Vulnrichment
Vulnrichment
added 2023/03/30 12:0 a.m.8 views

CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...

9.1CVSS9.6AI score0.00843EPSS
Exploits1References2
OSV
OSV
added 2023/03/30 12:0 a.m.35 views

CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...

9.1CVSS9.2AI score0.00843EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.2 views

SUSE CVE-2022-2785

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...

6.7CVSS6.8AI score0.00255EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.6 views

Misuse of a Boolean constant

Lines of code Vulnerability details Impact Use of Boolean constants true/false in code is indicative of flawed logic. Boolean constants in code have only a few legitimate uses. Other uses in complex expressions, as conditionals indicate either an error or, most likely, the persistence of faulty...

7AI score
Exploits0
OSV
OSV
added 2022/09/23 11:15 a.m.8 views

AZL-11015 CVE-2022-2785 affecting package kernel for versions less than 5.15.82.1-1

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...

5.5CVSS6.2AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/23 11:10 a.m.31 views

CVE-2022-2785 Arbitrary Memory read in BPF Linux Kernel

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...

6.7CVSS6.5AI score0.00255EPSS
Exploits0References2
Code423n4
Code423n4
added 2022/09/08 12:0 a.m.11 views

Comparison of tokens

Lines of code Vulnerability details Impact In function named getUnderlyingPrice the BaseV1Router01 contract desides price of the token by comparing tokens' symbol name with predefined constant. By passing custom token attacker can force returned value of getUnderlyingPrice function to be incorrec...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/08/27 12:0 a.m.8 views

Wrong assumption of block time might cause wrong value of votingDelay, votingPeriod

Lines of code Vulnerability details Impact In NounsDAOLogic, there are some constants in the system are estimated with an assumption that block time is 15 second. These constants are used to check value of votingPeriod and votingDelay. Actually, the merge is near and after the merge blocks come...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/25 10:37 a.m.3 views

Malicious code in wm-shared-consts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92dd52928f108691d1d01c6e868a6732508ac110b355d42ec67fcd2817ee676e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2022/06/23 9:25 a.m.2 views

Malicious Package

Overview epic-am-constants is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:22 p.m.4 views

Malicious code in mitui-util-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce013908ed04814a5fc2c6f7cbe2c53563f5f3ca29e47c8d1e6bdfa81087b151 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:22 p.m.3 views

Malicious code in babel-plugin-inline-gl-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b4230bc5ae1e029303b953ce2f3b730106c96218de4621c3189f865e9ba6447 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:22 p.m.4 views

MAL-2022-1405 Malicious code in babel-plugin-inline-gl-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b4230bc5ae1e029303b953ce2f3b730106c96218de4621c3189f865e9ba6447 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:12 p.m.4 views

Malicious code in yelp-biz-action-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adc33eaf2b6527c1a5e4c4ddedb8984ebe050cd7ac3adb91d76ff09e08e5f100 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:12 p.m.11 views

MAL-2022-7335 Malicious code in yelp-biz-action-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adc33eaf2b6527c1a5e4c4ddedb8984ebe050cd7ac3adb91d76ff09e08e5f100 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2022/06/20 8:9 p.m.1 views

Malicious Package

Overview @8x8/oxygen-constants is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2022/06/20 8:9 p.m.17 views

MAL-2022-54 Malicious code in @8x8/oxygen-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware beffc553c7f6ee0e696c3aa46aea8df47ff607906e6fb51e52615a57e72158c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder