Qodo Gen 安全漏洞

Qodo Gen is a code AI aid from Qodo, Inc. in the United States. A security vulnerability exists in Qodo Gen that stems from vulnerability to a path traversal attack that could result in reading arbitrary local files on an end-user's system...

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

CVE-2024-37055

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

CVE-2021-36314

Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. A remote unauthenticated attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary files on the end user system...

CVE-2020-3263 Cisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this vulnerability by...