
4580 matches found

RedhatCVE
added 2025/03/21 10:26 p.m. | 8 views

CVE-2025-27780

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in model_information.py. model_name in model_information.py takes user-supplied input (e.g. a path to a model) and passes that value to the runmodelinformationscript and later to modelinformation...

CVSS 9.8 | AI score 8.1 | EPSS 0.00845
Exploits: 0 | References: 1

RedhatCVE
added 2025/03/21 10:24 p.m. | 8 views

CVE-2025-27781

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. model_file in inference.py as well as model_file in tts.py take user-supplied input (e.g. a path to a model) and pass that value to the change_choices and later to get_speakers_id...

CVSS 9.8 | AI score 7.8 | EPSS 0.00845
Exploits: 0 | References: 1

NVD
added 2025/03/21 2:15 p.m. | 13 views

CVE-2025-2592

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack may be initiated...

CVSS 8.8 | EPSS 0.00684
Exploits: 1 | References: 7

Debian CVE
added 2025/03/21 1:31 p.m. | 11 views

CVE-2025-2591

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...

CVSS 5.5 | AI score 4.7 | EPSS 0.006
Exploits: 1

RedhatCVE
added 2025/03/19 10:17 p.m. | 12 views

CVE-2025-29909

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVSS 9.8 | AI score 8.7 | EPSS 0.00992
Exploits: 1 | References: 1

NVD
added 2025/03/19 9:15 p.m. | 13 views

CVE-2025-27781

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. model_file in inference.py as well as model_file in tts.py take user-supplied input (e.g. a path to a model) and pass that value to the change_choices and later to get_speakers_id...

CVSS 9.8 | EPSS 0.00845
Exploits: 0 | References: 5

NVD
added 2025/03/19 9:15 p.m. | 6 views

CVE-2025-27780

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in model_information.py. model_name in model_information.py takes user-supplied input (e.g. a path to a model) and passes that value to the runmodelinformationscript and later to modelinformation...

CVSS 9.8 | EPSS 0.00845
Exploits: 0 | References: 4

NVD
added 2025/03/19 9:15 p.m. | 8 views

CVE-2025-27779

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in model_blender.py lines 20 and 21. modelfusiona and modelfusionb from voiceblender.py take user-supplied input (e.g. a path to a model) and pass that value to the runmodelblenderscript and...

CVSS 9.8 | EPSS 0.00845
Exploits: 0 | References: 4

Cvelist
added 2025/03/19 8:42 p.m. | 33 views

CVE-2025-27779 Applio allows unsafe deserialization in model_blender.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in model_blender.py lines 20 and 21. modelfusiona and modelfusionb from voiceblender.py take user-supplied input (e.g. a path to a model) and pass that value to the runmodelblenderscript and...

CVSS 9.3 | EPSS 0.00845
Exploits: 0 | References: 4

Cvelist
added 2025/03/19 8:22 p.m. | 11 views

CVE-2025-27781 Applio allows unsafe deserialization in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. model_file in inference.py as well as model_file in tts.py take user-supplied input (e.g. a path to a model) and pass that value to the change_choices and later to get_speakers_id...

CVSS 9.3 | EPSS 0.00845
Exploits: 0 | References: 5

Vulnrichment
added 2025/03/19 8:22 p.m. | 8 views

CVE-2025-27781 Applio allows unsafe deserialization in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. model_file in inference.py as well as model_file in tts.py take user-supplied input (e.g. a path to a model) and pass that value to the change_choices and later to get_speakers_id...

CVSS 9.3 | AI score 7.5 | EPSS 0.00845
Exploits: 0 | References: 5

CVE
added 2025/03/19 8:22 p.m. | 63 views

CVE-2025-27781

Applio is affected by CVE-2025-27781 through unsafe deserialization in the inference.py module (and related tts.py input handling). Versions 3.2.8-bugfix and prior are vulnerable because user-supplied model_file values are passed to change_choices/get_speakers_id, which loads models with torch.lo...

CVSS 9.8 | AI score 7.4 | EPSS 0.00845
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/03/19 8:22 p.m. | 5 views

CVE-2025-27781 Applio allows unsafe deserialization in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. model_file in inference.py as well as model_file in tts.py take user-supplied input (e.g. a path to a model) and pass that value to the change_choices and later to get_speakers_id...

CVSS 9.3 | AI score 8 | EPSS 0.00845
Exploits: 0 | References: 7

Cvelist
added 2025/03/19 8:16 p.m. | 12 views

CVE-2025-27780 Applio allows unsafe deserialization in model_information.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in model_information.py. model_name in model_information.py takes user-supplied input (e.g. a path to a model) and passes that value to the runmodelinformationscript and later to modelinformation...

CVSS 9.3 | EPSS 0.00845
Exploits: 0 | References: 4

CVE
added 2025/03/19 8:16 p.m. | 60 views

CVE-2025-27780

Summary: CVE-2025-27780 affects Applio (versions ≤ 3.2.8-bugfix). It stems from unsafe deserialization in model_information.py where model_name accepts user-supplied input and is passed to torch.load, enabling remote code execution. Impact: remote code execution potential. Status/Remediation: a p...

CVSS 9.8 | AI score 7.5 | EPSS 0.00845
Exploits: 0 | References: 4 | Affected Software: 1

Rapid7 Blog
added 2025/03/19 5:40 p.m. | 10 views

Apache Tomcat CVE-2025-24813: What You Need to Know

Here at Rapid7, our usual bar for calling a vulnerability an emergent threat is either known exploitation at scale, or likelihood of exploitation at scale. Apache Tomcat CVE-2025-24813 fulfills neither of these criteria, despite a variety of news headlines alleging broad exploitation in the wild...

CVSS 10 | AI score 9.6 | EPSS 0.99945
Exploits: 46

CBLMariner
added 2025/03/19 3:8 p.m. | 12 views

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4. A patched version of the package is available...

CVSS 8.1 | AI score 7 | EPSS 0.04967
Exploits: 0

NVD
added 2025/03/17 10:15 p.m. | 26 views

CVE-2025-29909

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVSS 9.8 | EPSS 0.00992
Exploits: 1 | References: 2

Vulnrichment
added 2025/03/17 9:55 p.m. | 7 views

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVSS 9.3 | AI score 8.3 | EPSS 0.00992
Exploits: 1 | References: 2

Cvelist
added 2025/03/17 9:55 p.m. | 26 views

CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...

CVSS 9.3 | EPSS 0.00992
Exploits: 1 | References: 2