Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2026/05/11 12:0 a.m.7 views

CVE-2026-31249

CosyVoice contains an insecure deserialization vulnerability (CWE-502) in its data processing tool make_parquet_list.py. The script loads PyTorch .pt files (utterance embeddings, speaker embeddings, speech tokens) with torch.load() without enabling weights_only=True, allowing the deserialization ...

7.3CVSS6.1AI score0.00047EPSS
Exploits0References2
NVD
NVDadded 2025/03/20 10:15 a.m.5 views

CVE-2024-10096

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
CNNVD
CNNVDadded 2024/10/14 12:0 a.m.1 views

VINCE 安全漏洞

VINCE is an open source vulnerability information and coordination environment developed and used by the CERT Coordination Center in the United States. Vulnerability disclosure for improved coordination. A security vulnerability exists in VINCE versions prior to 3.0.8 that originates from an...

4.9CVSS6.2AI score0.00195EPSS
Exploits0References2
Veracode
Veracodeadded 2024/09/16 8:26 a.m.5 views

Deserialization Of Untrusted Data

MindsDB is vulnerable to Deserialization of Untrusted Data. The vulnerability is caused due to improper handling of pickle objects in the predict method of ModelWrapperUnsafe class within byomhandler.py, allowing execution of arbitrary code when deserializing a malicious pickle object...

7.5CVSS7.3AI score0.00293EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blogadded 2024/03/07 9:30 p.m.34 views

pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...

9.9CVSS5.2AI score0.83473EPSS
Exploits4References6Affected Software1
OSV
OSVadded 2024/03/07 9:30 p.m.106 views

GHSA-RJ98-CRF4-G69W pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...

9.9CVSS9.6AI score0.83473EPSS
Exploits4References6
Cvelist
Cvelistadded 2024/03/07 8:48 p.m.18 views

CVE-2024-2044 Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4

pgAdmin = 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...

9.9CVSS9.9AI score0.83473EPSS
Exploits4References3
CNNVD
CNNVDadded 2022/10/26 12:0 a.m.1 views

CERT Coordination Center VINCE代码问题漏洞

VINCE is a CERT Coordination Center in the United States CERT Coordination Center open source a CERT Coordination Center development and use of vulnerability information and coordination environment. Vulnerability disclosure for improved coordination. A security vulnerability exists in CERT...

8.8CVSS8.8AI score0.02467EPSS
Exploits0References2
Rows per page
Query Builder