4 matches found
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of model file paths. The issue results from the lack of proper...
CVE-2024-11394
Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...
(0Day) Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Google SketchUp Pro 7.0 - '.skp' Remote Stack Overflow (PoC)
/ Title: Google SketchUp Pro 7.0 Model File Handling Remote Stack Overflow PoC Vendor: Google Inc. http://www.google.com Product Web Page: http://www.sketchup.com http://sketchup.google.com Current Version: 7.0.10247 Summary: Google SketchUp Pro 7 is a suite of powerful features and applications...