Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6946

Malicious code in bioql PyPI...

9.1CVSS8AI score0.01357EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-7031

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.4 views

tar-fs 安全漏洞

tar-fs is a tar-stream file system bundle. A security vulnerability exists in tar-fs versions prior to 1.16.4, prior to 2.1.2, and prior to 3.0.8, which originates from path traversal when decompressing a malicious tar file...

7.5CVSS7.5AI score0.02186EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/03/20 4:24 p.m.6 views

CVE-2024-7776

A flaw was found in the ONNX framework. This vulnerability allows arbitrary file overwrite via a path traversal attack in malicious tar files. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprisi...

8.1CVSS7AI score0.01357EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.4 views

CVE-2024-12216 Arbitrary File Write via TarSlip in dmlc/gluon-cv

A vulnerability in the ImageClassificationDataset.fromcsv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...

7.1CVSS7AI score0.00293EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/06 6:45 p.m.12 views

CVE-2024-5187 Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx

A vulnerability in the downloadmodelwithtestdata function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability enables attackers to overwrite any file on the system,...

8.8CVSS7.7AI score0.01168EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.5 views

Open Neural Network Exchange Path Traversal Vulnerability

Open Neural Network Exchange ONNX is an open ecosystem that enables AI developers to choose the right tools as their projects evolve. A path traversal vulnerability exists in Open Neural Network Exchange version 1.16.0, which stems from insufficient protection against path traversal attacks in...

8.8CVSS7AI score0.01168EPSS
Exploits1References4
Rows per page
Query Builder