EUVD-2017-14333

Malware in sbrugna...

InvokeAI Remote Code Execution

InvokeAI has a critical vulnerability leading to remote code execution in the /api/v2/models/install API through unsafe model deserialization. The API allows users to specify a model URL, which is downloaded and loaded server-side using torch.load without proper validation. This functionality...

Exploit for Out-of-bounds Read in Microsoft

metasploit-ldapnightmare SafeBreaches CVE-2024-49113 POCLdapN...

Wordpress Download Manager (download-manager) Unauthenticated File Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Download Manager download-manager Unauthenticated File Upload', 'Description' = %q The WordPress download-manager plugin...

Ubuntu 6.10 / 7.04 : hplip vulnerability (USN-530-1)

It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. A local attacker could exploit this to execute arbitrary commands as the hplip user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...