6 matches found
Arbitrary Code Execution
InspireMusic is vulnerable to Arbitrary Code Execution. The vulnerability stems from insecure deserialization caused by unsafe use of Python's pickle module in the loadstatedict function, which can allow attackers to execute arbitrary code when loading untrusted data...
PT-2025-15902 · Pypi · Picklescan
Summary: An unsafe deserialization vulnerability in Python’s pickle module allows an attacker to bypass static analysis tools like Picklescan and execute arbitrary code during deserialization. This can be exploited by importing some built-in function in the NumPy library that indirectly calls some dangerou...
Remote Code Execution (RCE)
DGL is vulnerable to Remote Code Execution (RCE). The vulnerability stems from unsafe deserialization caused by the use of Python's pickle module for serializing and deserializing network messages, which can allow attackers to execute arbitrary code remotely...
CVE-2019-6446
An issue was discovered in NumPy before 1.16.3. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
RHEL 6 : system-config-firewall (RHSA-2011:0953)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0953 advisory. system-config-firewall is a graphical user interface for basic firewall setup. It was found that system-config-firewall used the Python pickle module...