ai-flow Deserialization of Untrusted Data vulnerability

A vulnerability was found in flink-extended ai-flow 0.3.1. It has been declared as critical. Affected by this vulnerability is the function cloudpickle.loads of the file \aiflow\cli\commands\workflowcommand.py. The manipulation leads to deserialization. The attack can be launched remotely. The...

CVE-2024-0960

A vulnerability was found in flink-extended ai-flow 0.3.1. It has been declared as critical. Affected by this vulnerability is the function cloudpickle.loads of the file \aiflow\cli\commands\workflowcommand.py. The manipulation leads to deserialization. The attack can be launched remotely. The...

CVE-2024-0959

A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgdfuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2024-0959 StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserialization

A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgdfuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2024-0959 StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserialization

A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgdfuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2024-0716

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

CVE-2024-20968

Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server...

Design/Logic Flaw

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told...

CVE-2024-0351 SourceCodester Engineers Online Portal session fixiation

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told...

CVE-2024-0347 SourceCodester Engineers Online Portal signup_teacher.php weak password

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signupteacher.php. The manipulation of the argument Password leads to weak password requirements. The attack may be initiated remotely. The...

CVE-2024-0188 RRJ Nueva Ecija Engineer Online Portal change_password_teacher.php weak password

A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file changepasswordteacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity o...

Improper access control

A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file public/install.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The...

Sql injection

A vulnerability classified as critical has been found in Shipping 100 Fahuo100 up to 1.1. Affected is an unknown function of the file member/login.php. The manipulation of the argument Mpwd leads to sql injection. The complexity of an attack is rather high. The exploitability is told to be...

CVE-2023-4462 Poly VVX 601 Web Configuration Application random values

A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...

GHSA-JPFP-XQ3P-4H3R Deis Workflow Manager race condition vulnerability

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgradin...

CVE-2016-15036

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgradin...

Race condition

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Deis Workflow Manager up to 2.3.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to race condition. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgradin...

CVE-2023-6908

A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzipfile of the file kuiper/app/controllers/casemanagement.py of the component TAR Archive Handler. The manipulation of the argument dstpath leads to path traversal. It is possib...

CVE-2023-6908 DFIRKuiper TAR Archive case_management.py unzip_file path traversal

A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzipfile of the file kuiper/app/controllers/casemanagement.py of the component TAR Archive Handler. The manipulation of the argument dstpath leads to path traversal. It is possib...

PT-2023-32198 · Unknown · Kphrx Pleroma

Name of the Vulnerable Software and Affected Versions: kphrx pleroma affected versions not specified Description: A vulnerability was found in kphrx pleroma, classified as problematic. It affects the function Pleroma.Emoji.Pack of the file lib/pleroma/emoji/pack.ex. The manipulation of the argume...