68 matches found
CVE-2026-35050
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extention settings in "py" format and in the app root directory. This allows to overwrite python files, for instance the "download-model.py" file could be overwritten. Then, thi...
EUVD-2026-14478
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
GHSA-WCJ4-JW5J-44WH CBORDecoder reuse can leak shareable values across decode calls
Summary When a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag 29. This allows an attacker-controlled message to read data from previously decoded...
EUVD-2020-9117
Malware in sbrugna...
EUVD-2020-8934
Malware in sbrugna...
EUVD-2025-20551
Malicious code in bioql PyPI...
EUVD-2024-43918
Malicious code in bioql PyPI...
CVE-2025-49714
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally...
CVE-2025-49714
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally...
CVE-2025-49714
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally...
CVE-2025-49714
CVE-2025-49714 involves the Visual Studio Code Python Extension. The connected sources describe a trust boundary violation that can let an unauthorized attacker execute code locally, effectively a remote code execution scenario through the Python extension. The vulnerability is tied to Visual Stu...
CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability
...
CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability
...
Visual Studio Code Python Extension Remote Code Execution Vulnerability
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally...
PT-2025-28605
Name of the Vulnerable Software and Affected Versions: Visual Studio Code - Python extension affected versions not specified Description: The issue is related to a trust boundary violation in the Visual Studio Code - Python extension, allowing an unauthorized attacker to execute code locally...
Security Update for Microsoft Visual Studio Code Python Extension (July 2025)
The Microsoft Visual Studio Code Python Extension is prior to version 2025.8.1. It is, therefore, affected by an undisclosed remote code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2020-1192
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...