11 matches found
Malicious code in @malware-test-haars-gluon-pubic-plims/test-mlw3-haars-gluon-pubic-plims (npm)
The package @malware-test-haars-gluon-pubic-plims/test-mlw3-haars-gluon-pubic-plims was found to contain malicious code...
MAL-2025-35371 Malicious code in test-mlw2-frags-tummy-snell-gluon (npm)
The package test-mlw2-frags-tummy-snell-gluon was found to contain malicious code...
Malicious code in test-mlw2-frags-tummy-snell-gluon (npm)
The package test-mlw2-frags-tummy-snell-gluon was found to contain malicious code...
CVE-2024-12216 Arbitrary File Write via TarSlip in dmlc/gluon-cv
A vulnerability in the ImageClassificationDataset.from_csv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...
CVE-2024-12216 Arbitrary File Write via TarSlip in dmlc/gluon-cv
A vulnerability in the ImageClassificationDataset.from_csv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...
Gluon CV Toolkit input validation error vulnerability
Gluon CV Toolkit is an open source tool from Distributed Machine Learning Community. An input validation error vulnerability exists in Gluon CV Toolkit version 0.10.0, which stems from downloading and extracting tar.gz files without sanitization, and could lead to arbitrary file writes...
com.bugvm:bugvm-compiler (>=1.0.0 <=1.2.9), com.bugvm:bugvm-dist (>=1.2.3 <=1.2.9) +27 more potentially affected by CVE-2016-15026 via com.googlecode.plist:dd-plist (>=1.0 <=1.16)
com.googlecode.plist:dd-plist MAVEN version =1.0, =1.0.0, =1.2.3, =1.2.3, =1.0.0, =0.0.1, =2.3.1-ios11, =2.3.1-ios11, =1.0.0-b1, =2.0.0, =2.3.2, =2.3.4, =2.3.1, =2.0.0, =1.2.0, =1.2.1 and more Source cves: CVE-2016-15026 Source advisory: OSV:GHSA-4JX2-HVQW-93J9...
Design/Logic Flaw
The secure_load function in gluon/utils.py in web2py before 2.14.2 uses pickle.loads to deserialize session information stored in cookies, which might allow remote attackers to execute arbitrary code by leveraging knowledge of encryption_key...
Web2py gluon/tools.py file open redirect vulnerability
web2py is an open source web framework written in Python that supports the rapid development of database-driven web applications. An open redirect vulnerability exists in the gluon/tools.py file in web2py version 2.9.11. A remote attacker can exploit this vulnerability by sending the...
Open redirect
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout...
UBUNTU-CVE-2015-6961
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout...