
113 matches found

AstraLinux
added 2026/06/19 11:10 a.m. · 5 views

Astra Linux – Vulnerability in yaml-cpp

The SingleDocParser::HandleFlowMap function in yaml-cpp, also known as LibYaml-C++, 0.6.2 allows remote attackers to cause a denial of service (resource consumption and application crash) through a crafted YAML file...

6.5 CVSS · 6.4 AI score · 0.02536 EPSS
Exploits: 2 · References: 2
Snyk
added 2026/06/18 1:56 p.m. · 4 views

Incorrect Authorization

Overview: praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents. Affected versions of this package are vulnerable to Incorrect Authorization via the submitjob process. An attacker can execute arbitrary OS commands on the server by submitting a crafted YAML...

9.8 CVSS · 6.1 AI score
Exploits: 0 · References: 3
Cvelist
added 2026/05/11 6:12 p.m. · 35 views

CVE-2026-45224 Crabbox < 0.9.0 Path Traversal via Islo Provider Workspace Resolution

Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provider's workspace path resolution that allows attackers to supply absolute or relative paths that resolve outside the intended /workspace directory. Attackers can craft a malicious .crabbox.yaml or crabbox.yaml file with...

7.1 CVSS · 0.00144 EPSS
Exploits: 0 · References: 4
OSV
added 2026/04/03 1:8 p.m. · 6 views

JLSEC-2026-23

The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file...

5.5 CVSS · 6.5 AI score · 0.02034 EPSS
Exploits: 1 · References: 5
Vulnrichment
added 2026/01/30 6:57 p.m. · 4 views

CVE-2025-62348 Salt junos module uses an unsafe YAML loader which may allow unintended code execution

Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process...

7.8 CVSS · 6.3 AI score · 0.00179 EPSS
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 10 views

EUVD-2018-13128

Malware in sbrugna...

6.5 CVSS · 6.2 AI score · 0.02536 EPSS
Exploits: 2 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2021-18566

Malware in sbrugna...

7.8 CVSS · 7.6 AI score · 0.00389 EPSS
Exploits: 1 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-17771

Malware in sbrugna...

7.8 CVSS · 7.5 AI score · 0.01514 EPSS
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2019-15851

Malware in sbrugna...

6.5 CVSS · 6.2 AI score · 0.02525 EPSS
Exploits: 2 · References: 3
RedHat Linux
added 2025/06/23 2:53 a.m. · 5 views

yaml-libyaml: LibYAML Perl File Modification Vulnerability

A flaw was found in yaml-libyaml. The component uses a two-argument open function when parsing YAML files, which allows an attacker to modify existing files on the system. This flaw allows a local attacker to provide a crafted YAML file as input. This issue can result in unauthorized modification...

9.1 CVSS · 5.7 AI score · 0.00368 EPSS
Exploits: 1 · References: 7
RedhatCVE
added 2025/05/23 9:1 a.m. · 4 views

CVE-2024-35060

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...

7.5 CVSS · 7.7 AI score · 0.00472 EPSS
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/23 7:43 a.m. · 6 views

CVE-2024-37861

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...

9.8 CVSS · 7.9 AI score · 0.00619 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 7:42 a.m. · 6 views

CVE-2024-37860

Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2amcl process...

7.3 CVSS · 7.6 AI score · 0.00308 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 7:48 p.m. · 6 views

CVE-2021-46364

A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a crafted YAML file...

7.8 CVSS · 7.7 AI score · 0.01473 EPSS
Exploits: 2
RedhatCVE
added 2025/05/22 6:32 p.m. · 4 views

CVE-2021-31681

Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary code via crafted yaml file...

7.8 CVSS · 7.8 AI score · 0.00389 EPSS
Exploits: 1 · References: 1
OSV
added 2024/12/05 11:15 p.m. · 4 views

CVE-2024-37862

Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2planner process...

7.3 CVSS · 6.1 AI score · 0.00305 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2024/12/05 12:0 a.m. · 4 views

PT-2024-27792 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow that occurs via the nav2 amcl process. This is triggered by sending a crafted .yaml file. Recommendations: For Open Robotics...

9.8 CVSS · 7.6 AI score · 0.00619 EPSS
Exploits: 0 · References: 9
Vulnrichment
added 2024/11/14 4:49 p.m. · 10 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1 CVSS · 7.7 AI score · 0.01257 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2024/05/21 12:0 a.m. · 18 views

CVE-2024-35060

An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML file...

7.7 AI score · 0.00472 EPSS
Exploits: 1 · References: 2
CVE
added 2024/05/21 12:0 a.m. · 57 views

CVE-2024-35060

CVE-2024-35060 affects NASA AIT-Core v2.5.2 due to a flaw in the YAML Python library that allows arbitrary command execution via a crafted YAML file. Affected component: YAML Python library; root cause described as an issue in the library. Impact per sources: attacker-executed commands. Remediati...

7.5 CVSS · 7.6 AI score · 0.00472 EPSS
Exploits: 1 · References: 2 · Affected Software: 1