Hugging Face Transformers 安全漏洞

Hugging Face Transformers is Hugging Face's open source advanced natural language processing for Jax, PyTorch and TensorFlow. A security vulnerability exists in Hugging Face Transformers version 4.52.4, which stems from a regular expression processing efficiency issue in the removelanguagecode...

PT-2025-37307

Name of the Vulnerable Software and Affected Versions: Hugging Face Transformers versions prior to 4.53.0 Description: A Regular Expression Denial of Service ReDoS vulnerability exists in the Hugging Face Transformers library, specifically affecting the remove language code method within the...

[SECURITY] Fedora 41 Update: python3.13-3.13.5-1.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Regular expression Denial of Service - ReDoS

Description A regular expression denial of service ReDoS vulnerability has been identified in the Hugging Face Transformers library's MarianTokenizer. The vulnerability exists in the removelanguagecode method of the MarianTokenizer class, which processes text to remove language codes. The method...

CVE-2010-2472

Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version 5.22 do not sanitize the display of language codes, native and English language names properly which could allow an attacker to perform a cross-site scripting XSS attack. This vulnerability is mitigat...

[SECURITY] Fedora 41 Update: python3.13-3.13.1-2.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Exploit for Path Traversal in Jenkins

CVE-2024-23897 | Jenkins -p -f or bash python CVE-...

Fedora 31 : php-phpmailer6 (2020-6d2e1105f2)

This is a security release, with some other minor changes. For full details, refer to the advisory. - SECURITY Fix insufficient output escaping bug in file attachment names. CVE-2020-13625. Reported by Elar Lang of Clarified Security. - Correct Armenian ISO language code from am to hy, add mappin...

Dark Tequila: A Distilled Threat for Mexican Targets

Researchers have been tracking an ongoing malicious campaign targeting victims in Mexico, with a highly crafted tool built to steal financial information and login credentials for popular websites. Researchers at Kaspersky Lab said today that the campaign, dubbed Dark Tequila, and its supporting...

Linux/x86 - File Reader Shellcode (54 Bytes)

Linux/x86 - File Reader Shellcode 54 Bytes. Shellcode exploit for Linx86 platform ;================================================================================ ; The MIT License ; ; Copyright c ; ; Permission is hereby granted, free of charge, to any person obtaining a copy ; of this software...

FreeBSD : drupal -- multiple vulnerabilities (b3531fe1-2b03-11df-b6db-00248c9b4be7)

Drupal Team reports : A user-supplied value is directly output during installation allowing a malicious user to craft a URL and perform a cross-site scripting attack. The exploit can only be conducted on sites not yet installed. The API function drupalgoto is susceptible to a phishing attack. An...

drupal -- multiple vulnerabilities

Drupal Team reports: A user-supplied value is directly output during installation allowing a malicious user to craft a URL and perform a cross-site scripting attack. The exploit can only be conducted on sites not yet installed. The API function drupalgoto is susceptible to a phishing attack. An...

Language Detectoid for it-it

Language Detectoid for it-it...