293 matches found
CVE-2024-20284
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
CVE-2024-20284
CVE-2024-20284 : Cisco NX-OS Software contains a vulnerability in the Python interpreter that allows an authenticated, low-privileged, local attacker to escape the Python sandbox and run arbitrary commands on the underlying OS due to insufficient validation of user input. The attack requires Pyth...
CVE-2024-20284 Cisco NX-OS Software Python Parser Escape Vulnerability
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
CVE-2024-20284 Cisco NX-OS Software Python Parser Escape Vulnerability
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
CVE-2024-20285
Cisco NX-OS Software Python sandbox escape (CVE-2024-20285) affects the Python interpreter in NX-OS, where insufficient validation of user input allows an authenticated, low-privileged local attacker to escape the Python sandbox and execute commands on the underlying OS with the attacker’s privil...
CVE-2024-20285 Cisco NX-OS Software Python Parser Escape Vulnerability
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
CVE-2024-20286 Cisco NX-OS Software Python Parser Escape Vulnerability
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
CVE-2024-20286
CVE-2024-20286 : Cisco NX-OS Software contains a vulnerability in the Python interpreter that could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and run arbitrary commands on the device’s underlying OS. The root cause is insufficient validation of user-suppl...
CVE-2024-20286 Cisco NX-OS Software Python Parser Escape Vulnerability
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of...
PT-2024-6114
Name of the Vulnerable Software and Affected Versions Cisco NX-OS Software affected versions not specified Description A vulnerability in the Python interpreter could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying...
PT-2024-5972 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software versions up to 10.21q Description: A vulnerability in the Python interpreter could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operati...
PT-2024-6149 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input in the Python interpreter of Cisco NX-OS Software, allowing an authenticated, low-privileged, local...
AI/LLM Model File Contains Executable Code (Keras HFS5 .h5)
Binary data aimodelkerashfs5containsexecutablecode.nbin...
CPython 安全漏洞
CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the vulnerability of server sockets to connection contention from a malicious local peer...
ROS-20240704-10
A vulnerability in the python38.pth file of the Python programming language interpreter is related to ignoring the sys.path constraints specified in python38.pth . Exploitation of the vulnerability could allow an attacker acting remotely to download code from arbitrary locations A vulnerability i...
cpython Security Vulnerabilities
cpython is the Python Foundation's Python interpreter implemented in the C language. A security vulnerability exists in CPython that stems from not returning values based on the latest information from the IANA Special-Purpose Address Registries...
Zope 5.9 Command Injection Vulnerability
Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...
Zope 5.9 Command Injection
Vulnerability Report Title: Command Argument Injection Vulnerability in Zope WSGI Instance Creation Script Leading to RCE Description: A command Argument injection vulnerability has been identified in the Zope WSGI instance creation script used by the Zope web application server framework, which ...
BIT-TENSORFLOW-2020-26268 Write to immutable memory region in TensorFlow
In affected versions of TensorFlow the tf.rawops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the...
BIT-TENSORFLOW-2022-23594 Out of bounds read in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow MLIR makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef i...