Lucene search
K

116 matches found

OSV
OSV
added 2023/02/10 8:15 p.m.8 views

MAL-2023-2205 Malicious code in scikiit-learn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d420049daf11bd55e9fe5583eaa07a429768653f1a5d048717b0050c3b946535 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/10 8:15 p.m.9 views

MAL-2023-2213 Malicious code in scikit-lear (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5ec52d7c268c2df738e0beb5ce63289708eba4eb59d19f9419396d6ac611be4b Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/10 8:15 p.m.9 views

MAL-2023-2203 Malicious code in sciit-learn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 64ce8a9c14387c34b739807badfa8d3e62bb51ec10f7869193e38c32089db405 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/10 8:15 p.m.10 views

MAL-2023-2219 Malicious code in scikit-llearn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6bf58245abb9da01b60c982ce640745844d2f52bf58abf309420ce018f35bc5e Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2023/01/11 12:0 a.m.42 views

scikit-learn: Denial of Service

Background scikit-learn is a machine learning library for Python. Description When supplied with a crafted model SVM, predict can result in a null pointer dereference. Impact An attcker capable of providing a crafted model to scikit-learn can result in denial of service. Workaround There is no...

7.5CVSS3.6AI score0.03429EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.26 views

GLSA-202301-03 : scikit-learn: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202301-03 scikit-learn: Denial of Service - DISPUTED svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted mod...

7.5CVSS7.5AI score0.03429EPSS
Exploits3References3
OSV
OSV
added 2022/05/24 5:34 p.m.1 views

GHSA-JXFP-4RVQ-9H9M scikit-learn Denial of Service

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

7.5CVSS7.1AI score0.03429EPSS
Exploits3References9
vulnersOsv
vulnersOsv
added 2022/05/24 5:34 p.m.8 views

a62-emotion (>=0.9.2 <=0.11.4), abdelrahman-obfuscate (>=1.0.0 <=1.0.1) +992 more potentially affected by CVE-2020-28975 via scikit-learn (>=0.23.2 <=1.0.0)

scikit-learn PYPI version =0.23.2, =0.9.2, =1.0.0, =2.0.0, =1.0.32, =0.0.0, =1.2.1, =1.3.3, =0.1.0.dev24560066971, =0.0.2, =0.0.1, =1.3.4, =0.0.1, =0.0.178 and more Source cves: CVE-2020-28975 Source advisory: OSV:GHSA-JXFP-4RVQ-9H9M...

7.5CVSS7.2AI score0.03429EPSS
Exploits3
Github Security Blog
Github Security Blog
added 2022/05/24 5:34 p.m.35 views

scikit-learn Denial of Service

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

7.5CVSS7AI score0.03429EPSS
Exploits3References9Affected Software1
OSV
OSV
added 2022/05/24 5:17 p.m.2 views

GHSA-JJW5-XXJ6-PCV5 scikit-learn Deserialization of Untrusted Data

scikit-learn aka sklearn through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the joblib.load function is documented as unsafe and it is the user's...

9.8CVSS5.9AI score0.02645EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/24 5:17 p.m.33 views

scikit-learn Deserialization of Untrusted Data

scikit-learn aka sklearn through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the joblib.load function is documented as unsafe and it is the user's...

9.8CVSS9.7AI score0.02645EPSS
Exploits1References5Affected Software1
Gitee
Gitee
added 2021/01/02 5:34 p.m.2 views

graduation_design

This is a Python script for a web intrusion detection system using machine learning. The script uses the scikit-learn library to implement a supervised learning approach. It collects and preprocesses normal requests and attack payloads, and uses a Support Vector Machine SVM to classify new reques...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/01 12:0 a.m.498 views

SciKit-Learn 0.23.2 Denial Of Service

Description svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence technique with a large value in the nsuppo...

7.5AI score0.03429EPSS
Exploits3
0day.today
0day.today
added 2020/12/01 12:0 a.m.85 views

SciKit-Learn 0.23.2 Denial Of Service Vulnerability

SciKit-Learn 0.23.2 Denial Of Service Description svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence...

7.5CVSS7.6AI score0.03429EPSS
Exploits3
OSV
OSV
added 2020/11/21 9:15 p.m.8 views

CVE-2020-28975

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

7.5CVSS7.3AI score0.03429EPSS
Exploits3References6
NVD
NVD
added 2020/11/21 9:15 p.m.26 views

CVE-2020-28975

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

7.5CVSS7.3AI score0.03429EPSS
Exploits3References6
OSV
OSV
added 2020/11/21 9:15 p.m.4 views

UBUNTU-CVE-2020-28975

DISPUTED svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport...

7.5CVSS7.1AI score0.03429EPSS
Exploits3References4
OSV
OSV
added 2020/11/21 9:15 p.m.65 views

PYSEC-2020-108

DISPUTED svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport...

7.5CVSS6.2AI score0.03429EPSS
Exploits3References5
UbuntuCve
UbuntuCve
added 2020/11/21 9:15 p.m.26 views

CVE-2020-28975

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

7.5CVSS7.1AI score0.03429EPSS
Exploits3References3
Prion
Prion
added 2020/11/21 9:15 p.m.17 views

Design/Logic Flaw

svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport array. NOT...

5CVSS7.2AI score0.03429EPSS
Exploits3References6Affected Software1
Rows per page
Query Builder