Lucene search
K

79 matches found

RedhatCVE
RedhatCVE
added 2025/11/10 6:12 a.m.6 views

CVE-2025-64439

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In versions 2.1.2 and below, the JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a Remote Code Execution RCE...

7.4CVSS7.2AI score0.00871EPSS
Exploits0References1
Fedora
Fedora
added 2025/11/05 2:13 a.m.7 views

[SECURITY] Fedora 43 Update: rust-serde_json-1.0.145-1.fc43

A JSON serialization file format...

8.1CVSS7AI score0.00688EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/25 12:0 a.m.4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-python-socketio (SUSE-SU-2025:3780-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:3780-1 advisory. - CVE-2025-61765: fixed by using json, rather than pickle for serialization bsc1251193 Tenable has...

6.4CVSS5.9AI score0.00446EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/24 1:27 p.m.6 views

Security update for python-python-socketio

This update for python-python-socketio fixes the following issues: CVE-2025-61765: fixed by using json, rather than pickle for serialization bsc1251193 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.4CVSS7AI score0.00446EPSS
Exploits0References4
OSV
OSV
added 2025/10/24 1:26 p.m.4 views

SUSE-SU-2025:3780-1 Security update for python-python-socketio

This update for python-python-socketio fixes the following issues: - CVE-2025-61765: fixed by using json, rather than pickle for serialization bsc1251193...

6.4CVSS7AI score0.00446EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28375

Malware in sbrugna...

7.5CVSS7.5AI score0.02486EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-6832

Malware in sbrugna...

4.3CVSS4.9AI score0.00941EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2104

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00851EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1198

Malicious code in bioql PyPI...

4CVSS4.1AI score0.00957EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2472

Malicious code in bioql PyPI...

5CVSS6.3AI score0.02525EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2023-0257

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.00892EPSS
Exploits1References7
NVD
NVD
added 2024/04/24 7:15 p.m.32 views

CVE-2024-32876

NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...

8.5CVSS8.7AI score0.00324EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/24 7:6 p.m.14 views

CVE-2024-32876 NewPipe has potential security vulnerability when importing settings

NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...

8.5CVSS7.4AI score0.00324EPSS
Exploits0References4
OSV
OSV
added 2024/04/24 7:6 p.m.16 views

CVE-2024-32876 NewPipe has potential security vulnerability when importing settings

NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...

8.5CVSS7AI score0.00324EPSS
Exploits0References6
Spring Security Advisories
Spring Security Advisories
added 2024/02/13 12:0 a.m.9 views

This Week in Spring - February 14th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! Friends, tomorrow is Valentine's day, and I love Spring. So, it's a very exciting thing indeed to be able to share this week's jam-packed roundup. Let's dive right into it! Spring Tools 4.21.1 is now available In the latest...

7.2AI score
Exploits0
OSV
OSV
added 2024/01/09 4:18 p.m.18 views

GHSA-PVCR-V8J8-J5Q3 Parsing JSON serialized payload without protected field can lead to segfault

Summary Calling jws.Parse with a JSON serialized payload where the signature field is present while protected is absent can lead to a nil pointer dereference. Details This seems to also affect other functions that calls Parse internally, like jws.Verify. My understanding of these functions from t...

4.3CVSS7.4AI score0.00864EPSS
Exploits1References6
OSV
OSV
added 2023/10/13 7:25 p.m.1 views

GHSA-5M22-CFQ9-86X6 Pickle serialization vulnerable to Deserialization of Untrusted Data

What We are using pickle as default serialization module but that has known security issues see e.g. https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9. In summary, it is not advisable to open Pickles that you create yourself locally. In vantage6, algorithms use pickles...

8.6CVSS5.9AI score0.00892EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2023/10/13 7:25 p.m.30 views

Pickle serialization vulnerable to Deserialization of Untrusted Data

What We are using pickle as default serialization module but that has known security issues see e.g. https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9. In summary, it is not advisable to open Pickles that you create yourself locally. In vantage6, algorithms use pickles...

7.2CVSS6.9AI score0.00892EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2023/10/11 6:15 p.m.36 views

CVE-2023-23930

vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version...

7.2CVSS6AI score0.00892EPSS
Exploits1References4
Prion
Prion
added 2023/10/11 6:15 p.m.17 views

Default configuration

vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version...

5.8CVSS6.9AI score0.00892EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder