5 matches found
Deserialization of Untrusted Data
Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the load process. An attacker can instantiate trusted classes with untrusted constructor arguments by submitting specially...
CVE-2025-20143 Cisco IOS XR Software Secure Boot Bypass Vulnerability
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...
UBUNTU-CVE-2021-28676
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...
SonicWALL Global VPN Client Load Process Hijacking Vulnerability
SonicWall Global VPN client is a Vpn software from SonicWall USA that works with the SonicWALL firewall. The software enables remote employees and vendors to access the company's network. A security vulnerability exists in SonicWall Global VPN client version 4.10.4.0314 and prior versions, which...
UBUNTU-CVE-2018-10113
An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service application crash upon allocation failure...