Astra Linux - уязвимость в pillow

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...

simpleeval 安全漏洞

SimpleEval is a Python expression security evaluation library developed by Daniel. Versions of SimpleEval prior to 1.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of objects directly accessing dangerous modules within the sandbox through attributes. If...

CVE-2024-41148

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...

EUVD-2025-0127

Malicious code in bioql PyPI...

CVE-2024-41148

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...

PT-2025-29953 · Unknown +1 · Robot Operating System +1

Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the rostopic command-line tool within the Robot Operating System ROS. The vulnerability is located in the echo verb, which utilizes the...