12 matches found
SUSE CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python's setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn't check if the...
CVE-2026-35038
CVE-2026-35038 affects Signal K Server (prior to v2.24.0). Affected component: prototype boundary filtering in the global prototype object accessed via the from field, allowing a low-privileged authenticated user to bypass filtering and read internal functions/properties, violating data isolation...
CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
DEBIAN-CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
CVE-2025-7104 Mass Assignment in danny-avila/librechat
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
UBUNTU-CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
Zabbix 安全漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix that stems from an improper implementation of the atob function, which may allow the creation ...