Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

GithubExploit
GithubExploitadded 2026/02/15 12:22 p.m.128 views

modelscan-bypass-poc

⚠️ ModelScan Bypass PoC — Security Research WARNING: This...

6.3AI score
Exploits0
GithubExploit
GithubExploitadded 2026/02/15 12:16 p.m.132 views

modelscan-bypass-poc

⚠️ ModelScan Bypass PoC — Security Research WARNING: This...

6.3AI score
Exploits0
Veracode
Veracodeadded 2025/09/24 6:0 a.m.3 views

Insecure Deserialization

picklescan is vulnerable to insecure deserialization. The vulnerability is due to executing remote pickle files using profile.Profile.run, which allows an attacker to run arbitrary code on the system...

7.7AI score
Exploits0
Veracode
Veracodeadded 2025/09/23 9:1 a.m.2 views

Insecure Deserialization

picklescan is vulnerable to insecure deserialization. The vulnerability is due to the use of torch.utils.bottleneck.main.runautogradprof function to execute remote pickle files, which allows an attacker to run arbitrary code on the system...

8AI score
Exploits0
Veracode
Veracodeadded 2025/09/16 6:10 a.m.2 views

Insecure Deserialization

picklescan is vulnerable to Insecure Deserialization. The vulnerability is due to the use of torch.utils.collectenv.run function to execute remote pickle files, which allows an attacker to execute arbitrary code...

7.7AI score
Exploits0
Veracode
Veracodeadded 2025/09/15 7:20 a.m.2 views

Insecure Deserialization

picklescan is vulnerable to insecure deserialization. The vulnerability is due to the use of torch.utils.bottleneck.main.runcprofile function to execute remote pickle files, which allows an attacker to run arbitrary code...

7.5AI score
Exploits0
Github Security Blog
Github Security Blogadded 2025/08/26 9:36 p.m.3 views

Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand

Summary Using idlelib.pyshell.ModifiedInterpreter.runcommand function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...

7.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blogadded 2025/08/26 9:34 p.m.6 views

Picklescan is missing detection when calling built-in python ensurepip._run_pip

Summary Using ensurepip.runpip function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to ensurepip.runpip function in reduce method Then when the victim after...

7.9AI score
Exploits0References3Affected Software1
OSV
OSVadded 2024/10/08 10:29 a.m.2 views

MAL-2024-12270 Malicious code in fake-usreagant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef713dc551a4b2eb9b0c94b270f4c214aa90e688076e15bb263b3bb5f3b8484b Package imitates the legitimate fake-useragent, however it has a few suspicious additions: fake.py L149 calls a function from 'urllib2' module, which contains ...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/08 10:29 a.m.3 views

Malicious code in fake-usreagant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef713dc551a4b2eb9b0c94b270f4c214aa90e688076e15bb263b3bb5f3b8484b Package imitates the legitimate fake-useragent, however it has a few suspicious additions: fake.py L149 calls a function from 'urllib2' module, which contains ...

7.1AI score
Exploits0References1
Rows per page
Query Builder