4 matches found
CVE-2026-31072
The JSONSerializer and CBORSerializer in APScheduler all versions including 3.10.x and 4.0.0a5 are vulnerable to Remote Code Execution RCE via Insecure Deserialization. The unmarshalobject function allows for arbitrary class instantiation and state injection by dynamically importing modules and...
EUVD-2015-1480
Malware in sbrugna...
CVE-2025-49131
The CVE-2025-49131 affects FastGPT’s sandbox container (fastgpt-sandbox) prior to 4.9.11. The issue is insufficient isolation and overly permissive syscalls that allow bypassing Python import restrictions, enabling reads/writes of arbitrary files and potential sandbox escape. A PoC exploit exists...
CVE-2021-45082
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function checkforinvalidimports can allow Cheetah code to import Python modules via the "from MODULE import" substring. Only lines beginning with import are blocked...