14 matches found
EUVD-2025-18708
Malicious code in bioql PyPI...
EUVD-2025-18706
Malicious code in bioql PyPI...
EUVD-2025-18700
Malicious code in bioql PyPI...
EUVD-2025-18766
Malicious code in bioql PyPI...
CVE-2025-47293
PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity XXE attack and to a server-side request forgery SSRF attack. This allows an attacker to elevate their...
CVE-2025-48058
PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service ReDoS vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause...
CVE-2025-47771
PowSyBl Power System Blocks is a framework to build power system oriented software. In versions 6.3.0 to 6.7.1, there is a deserialization issue in the read method of the SparseMatrix class that can lead to a wide range of privilege escalations depending on the circumstances. This method takes in...
CVE-2025-48059
PowSyBl Power System Blocks is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a a potential polynomial Regular Expression Denial of Service...
CVE-2025-48059 PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
PowSyBl Power System Blocks is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a a potential polynomial Regular Expression Denial of Service...
CVE-2025-48059 PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
PowSyBl Power System Blocks is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a a potential polynomial Regular Expression Denial of Service...
CVE-2025-48059 PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion
PowSyBl Power System Blocks is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a a potential polynomial Regular Expression Denial of Service...
CVE-2025-48058
PowSyBl Core contains a polynomial ReDoS vulnerability in the DataSource mechanism (affecting listNames regex handling) prior to version 6.7.2. Exploitation can cause high CPU due to regex backtracking. The issue has been patched in com.powsybl:powsybl-commons:6.7.2 and related patches in 6.7.2+;...
CVE-2025-47771
PowSyBl Power System Blocks is a framework to build power system oriented software. In versions 6.3.0 to 6.7.1, there is a deserialization issue in the read method of the SparseMatrix class that can lead to a wide range of privilege escalations depending on the circumstances. This method takes in...
CVE-2025-47771
PowSyBl Core versions 6.3.0–6.7.1 contain a deserialization issue in SparseMatrix.read(InputStream) that can lead to privilege escalations under various circumstances. The root cause is a vulnerability in how SparseMatrix is deserialized, enabling untrusted input to affect system state. A fix is ...