137 matches found
EUVD-2014-0048
Malware in sbrugna...
EUVD-2022-4717
Malicious code in bioql PyPI...
EUVD-2024-2774
Malicious code in bioql PyPI...
EUVD-2024-0108
Malicious code in bioql PyPI...
EUVD-2024-0109
Malicious code in bioql PyPI...
EUVD-2024-0105
Malicious code in bioql PyPI...
EUVD-2024-54799
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-39835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys...
EulerOS 2.0 SP11 : python-jinja2 (EulerOS-SA-2025-1966)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filte...
📄 Wazuh Server Remote Code Execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and...
CVE-2025-5120
A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution RCE. The vulnerability stems from the localpythonexecutor.py module, which inadequately restricts Python code...
CVE-2025-5120
A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution RCE. The vulnerability stems from the localpythonexecutor.py module, which inadequately restricts Python code...
CVE-2025-51482
Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...
CVE-2025-51482
Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...
CVE-2025-51472
Code Injection in AgentTemplate.evalagentconfig in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...
DEBIAN-CVE-2025-3753
A code execution vulnerability has been identified in the Robot Operating System ROS 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval function to process unsanitized, user-supplied input in the 'rosbag filter' command. This...
CVE-2024-39835
A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...
Security Bulletin: Vulnerability in jinja2 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-56201, CVE-2024-56326].
Summary The jinja2 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-56201, CVE-2024-56326. Vulnerability Details CVEID:CVE-2024-56201 DESCRIPTION: Jinja is an extensible templating engine. In versions on the 3.x bran...
Robot Operating System 安全漏洞
Robot Operating System is a meta-operating system for robots. A security vulnerability exists in Robot Operating System, which originates from YAML deserialization and could lead to the execution of arbitrary Python code by a local or remote user...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...