Lucene search
K

12 matches found

OSV
OSV
added 2026/06/19 3:0 p.m.5 views

GHSA-2H46-9X5W-4WF7 Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind

Impact A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes entire session resume or entire checkpoint rewind to write attacker-controlled transcript data outside of the expected session...

6.2CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 2026/06/15 4:54 p.m.9 views

EUVD-2026-36742

Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection could lead to attackers bypassing the check and faking consent. An attacker could forge the...

7.5CVSS5.4AI score0.00167EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49260

Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.6.0 Description A missing condition in the verification process for remote accounts consenting to be featured in a remote Collection allows attackers to bypass checks and fake consent. An attacker can forge the...

7.5CVSS5.4AI score0.00167EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/05/23 12:0 a.m.28 views

openSUSE Security Advisory (openSUSE-SU-2024:0135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References3
vulnersOsv
vulnersOsv
added 2024/02/23 6:2 p.m.5 views

@adamlonsdale/backstage-plugin-armorcode-backend (>=0.0.1-alpha <=0.0.4), @austin-garrard/backstage-plugin-backend (>=0.0.1 <=0.0.1-alpha.22) +188 more potentially affected by CVE-2024-26150 via @backstage/backend-common (>=0.0.0-nightly-20220708025041 <=0.17.0)

@backstage/backend-common NPM version =0.0.0-nightly-20220708025041, =0.0.1-alpha, =0.0.1, =0.0.1, =0.1.0, =0.0.0-nightly-20220709024234, =0.0.0-nightly-20220811024336, =0.0.0-nightly-20240116021644, =0.0.0-nightly-20220709024234, =0.0.0-nightly-2022042277, =0.0.0-nightly-20216821837,...

8.7CVSS6.7AI score0.00801EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/09/25 5:33 p.m.65 views

yt-dlp on Windows vulnerable to `--exec` command injection when using `%q`

Impact yt-dlp allows the user to provide shell commands to be executed at various stages in its download process through the --exec flag. This flag allows output template expansion in its argument, so that video metadata values may be used in the shell commands. The metadata fields can be combine...

8.3CVSS7.9AI score0.01292EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.8 views

PT-2021-18290 · Unknown · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 Description: The issue arises when calling tf.raw ops.ImmutableConst with a dtype of tf.resource or tf.variant, resulting in a segfault. This occurs because the code assumes that the tensor contents are pure...

5.5CVSS5.3AI score0.00189EPSS
Exploits1References13
PyPA
PyPA
added 2020/10/21 9:15 p.m.8 views

PYSEC-2020-139

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2020/10/21 9:15 p.m.7 views

PYSEC-2020-331

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
Kitploit
Kitploit
added 2018/09/05 8:27 p.m.116 views

KisMac - Open Source Wireless Stumbling And Security Tool For Mac OS X

KisMAC is a free, open source wireless stumbling and security tool for Mac OS X. Whats new: Mac OS 10.9 - 10.12 64-bit only ARC 64-bit only New GUI Modern Objective-c syntax Rewrote most part of deprecated methods Remove debug info from release How Build: git clone...

7.1AI score
Exploits0References2
securityvulns
securityvulns
added 2010/11/18 12:0 a.m.51 views

Eclipse IDE | Help Server Local Cross Site Scripting &#40;XSS&#41; Vulnerability

========================================================= Eclipse IDE | Help Server Local Cross Site Scripting XSS Vulnerability ========================================================= 1. OVERVIEW The Help Content web application of Eclipse IDE was vulnerable to Cross Site Scripting XSS...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/11/16 12:0 a.m.36 views

Eclipse IDE Cross Site Scripting

========================================================= Eclipse IDE | Help Server Local Cross Site Scripting XSS Vulnerability ========================================================= 1. OVERVIEW The Help Content web application of Eclipse IDE was vulnerable to Cross Site Scripting XSS...

7.4AI score
Exploits0
Rows per page
Query Builder