Lucene search
K

4 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/10/03 12:0 a.m.7 views

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of model file paths. The issue results from the lack of proper...

8.1CVSS7.5AI score0.27133EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 10:15 p.m.13 views

CVE-2024-11394

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

8.8CVSS9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/11/19 12:0 a.m.13 views

(0Day) Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.8AI score0.02415EPSS
Exploits1
Exploit DB
Exploit DB
added 2009/08/01 12:0 a.m.28 views

Google SketchUp Pro 7.0 - '.skp' Remote Stack Overflow (PoC)

/ Title: Google SketchUp Pro 7.0 Model File Handling Remote Stack Overflow PoC Vendor: Google Inc. http://www.google.com Product Web Page: http://www.sketchup.com http://sketchup.google.com Current Version: 7.0.10247 Summary: Google SketchUp Pro 7 is a suite of powerful features and applications...

7.4AI score
Exploits0
Rows per page
Query Builder