
8 matches found

GitHub Security Blog
added 2026/04/10 7:26 p.m. | 1 views

PraisonAI Vulnerable to Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

PraisonAI automatically loads a file named `tools.py` from the current working directory to discover and register custom agent tools. This loading process uses `importlib.util.spec_from_file_location` and immediately executes module-level code via `spec.loader.exec_module` without explicit user consent,...

7.8 CVSS | 6.4 AI score | 0.00027 EPSS
Exploits 0 | References 4 | Affected Software 1

Tenable Nessus
added 2022/06/01 12:0 a.m. | 18 views

SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2022:1888-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1888-1 advisory. - In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a...

9.8 CVSS | 7.6 AI score | 0.0057 EPSS
Exploits 0 | References 5

ATTACKERKB
added 2022/03/17 6:15 p.m. | 1 views

CVE-2022-26511

WPS Presentation 11.8.0.5745 insecurely loads d3dx9_41.dll when opening .pps files 'current directory type' DLL loading...

7.8 CVSS | 7.1 AI score | 0.00217 EPSS
Exploits 0 | References 3

OSV
added 2022/03/17 6:15 p.m. | 1 views

CVE-2022-26511

WPS Presentation 11.8.0.5745 insecurely loads d3dx9_41.dll when opening .pps files 'current directory type' DLL loading...

7.8 CVSS | 7.1 AI score
Exploits 0 | References 2

Cvelist
added 2022/02/19 5:5 p.m. | 17 views

CVE-2016-1239

duck before 0.10 did not properly handle loading of untrusted code from the current directory...

9.7 AI score | 0.00611 EPSS
Exploits 0 | References 1

Prion
added 2019/11/12 2:15 p.m. | 12 views

Design/Logic Flaw

In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via...

7.5 CVSS | 9.4 AI score | 0.0057 EPSS
Exploits 0 | References 1 | Affected Software 1

Japan Vulnerability Notes
added 2018/05/17 6:18 a.m. | 1 views

Multiple Microsoft Windows applications and installers may insecurely load Dynamic Link Libraries

Overview: Multiple Windows applications and installers provided by Microsoft contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the same directory where applications and/or installers reside (CWE-427). Microsoft states that the root cause of thi...

7.8 CVSS | 7.2 AI score | 0.04844 EPSS
Exploits 0 | References 16

Positive Technologies
added 2010/08/27 12:0 a.m. | 2 views

PT-2010-4592 · Microsoft · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Windows Address Book version 6.00.2900.5512 in Microsoft Windows XP SP2 and SP3; Windows Address Book in Windows Server 2003 SP2; Windows Address Book in Windows Vista SP1 and SP2; Windows Address Book in Windows Server 2008 Gold, SP2, and R2...

9.3 CVSS | 6.8 AI score | 0.25085 EPSS
Exploits 1 | References 12