CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

SUSE CVE•added 2024/06/28 11:16 p.m.•1 views

SUSE CVE-2024-39705

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averagedperceptrontagger and punkt...

9.8CVSS7.5AI score0.10792EPSS

Exploits0References5

Veracode•added 2024/06/28 12:31 p.m.•17 views

Remote Code Execution

nltk is vulnerable to Remote Code Execution. The vulnerability is due to models containing pickled Python code, which could allow an attacker to execute arbitrary code. An attacker would need to preform a man-in-the-middle attack to modify the packaged pickles such as the averagedperceptrontagger...

9.8CVSS8AI score0.10792EPSS

Exploits0References3Affected Software1

OSV•added 2024/06/28 12:33 a.m.•29 views

GHSA-CGVX-9447-VCCH ntlk unsafe deserialization vulnerability

7.5CVSS9.7AI score0.10792EPSS

Exploits0References7

Github Security Blog•added 2024/06/28 12:33 a.m.•85 views

ntlk unsafe deserialization vulnerability

9.8CVSS7.9AI score0.10792EPSS

Exploits0References7Affected Software1

OSV•added 2024/06/27 10:15 p.m.•3 views

DEBIAN-CVE-2024-39705

9.8CVSS7.9AI score0.10792EPSS

Exploits0References1

OSV•added 2024/06/27 10:15 p.m.•9 views

PYSEC-2024-167

9.8CVSS9.9AI score0.10792EPSS

Exploits0References3

PyPA•added 2024/06/27 10:15 p.m.•6 views

PYSEC-2024-167

9.8CVSS8.2AI score0.10792EPSS

Exploits0References3Affected Software1

OSV•added 2024/06/27 10:15 p.m.•1 views

UBUNTU-CVE-2024-39705

9.8CVSS7.5AI score0.10792EPSS

Exploits0References4

Vulnrichment•added 2024/06/27 12:0 a.m.•24 views

CVE-2024-39705

8.2AI score0.10792EPSS

Exploits0References3

Cvelist•added 2024/06/27 12:0 a.m.•177 views

CVE-2024-39705

0.10792EPSS

Exploits0References3

CVE•added 2024/06/27 12:0 a.m.•295 views

CVE-2024-39705

CVE-2024-39705 affects the Natural Language Toolkit (NLTK) up to version 3.8.1, enabling remote code execution when untrusted packages contain pickled Python code and the data package download feature is used. Affected in-core components cited include averaged_perceptron_tagger and punkt. Remedia...

9.8CVSS8AI score0.10792EPSS

Exploits0References3

Debian CVE•added 2024/06/27 12:0 a.m.•19 views

CVE-2024-39705

9.8CVSS7.9AI score0.10792EPSS

Exploits0

GithubExploit•added 2024/06/21 10:24 a.m.•73 views

Remote code execution vulnerability in NLTK

The current and earlier versions of NLTK are vulnerable to a rem...

8.4AI score

Exploits0

Positive Technologies•added 2024/05/19 12:0 a.m.•2 views

PT-2024-6156 · Nltk +2 · Nltk +2

Name of the Vulnerable Software and Affected Versions: NLTK versions 3.8.1 and earlier Description: The issue is related to the nltk.download function in the NLTK library, which can lead to remote code execution when untrusted packages containing pickled Python code are downloaded. This...

10CVSS7.6AI score0.10792EPSS

Exploits2References33

OSV•added 2021/12/23 6:15 p.m.•1 views

DEBIAN-CVE-2021-43854

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is present in...

7.5CVSS7.5AI score0.00144EPSS

Exploits1References1

OSV•added 2021/12/23 6:15 p.m.•0 views

PYSEC-2021-859

7.5CVSS6.1AI score0.00144EPSS

Exploits1References4

PyPA•added 2021/12/23 6:15 p.m.•3 views

PYSEC-2021-859

7.5CVSS6.9AI score0.00144EPSS

Exploits1References4Affected Software1

OSV•added 2021/12/23 6:15 p.m.•0 views

UBUNTU-CVE-2021-43854