6 matches found
nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
Summary On Windows, converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a inkscape.bat file that defines a Windows batch script, capable of arbitrary code execution. When a user runs jupyter nbconvert --to pdf on a...
EUVD-2024-54146
Malicious code in bioql PyPI...
CVE-2024-12576
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output...
CVE-2024-12576
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output...
CVE-2024-12576 GPU DDK - Untrusted app can crash firmware by forcing MCU access to non-aligned address
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output...
CVE-2024-12576
This CVE affects Imagination Technologies’ PowerVR-GPU driver. A non-privileged user could perform improper GPU system calls, causing the GPU firmware (FW) to crash and the graphics output to freeze. Publicly stated details indicate vulnerable component is the Imagination GPU Driver (PowerVR-GPU)...