CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2026/04/05 3:30 a.m.•1 views

EUVD-2026-19009

A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of the component Model Pull API. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this...

6.5CVSS6.2AI score0.00014EPSS

Exploits1References4

CNNVD•added 2026/04/05 12:0 a.m.•3 views

Ollama 代码问题漏洞

Ollama is an open-source tool developed by Ollama that allows for the running, management, and customization of large language models on local devices. Ollama versions 18.1 and earlier had a code vulnerability caused by server-side request forgery in the file server/download.go...

6.5CVSS6.6AI score0.00014EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-25741

Malicious code in bioql PyPI...

5.8CVSS5AI score0.00042EPSS

Exploits0References4

Github Security Blog•added 2025/09/17 8:10 p.m.•7 views

DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error

Impact We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug...

6.9CVSS7.1AI score0.00075EPSS

Exploits0References5Affected Software2

Positive Technologies•added 2025/09/17 12:0 a.m.•1 views

PT-2025-38262

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description Dragonfly is a P2P-based file distribution and image acceleration system. Prior to version 2.1.0, the first return value of a function is dereferenced even when the function returns an error,...

9.9CVSS9.1AI score0.06448EPSS

Exploits11References45

GitLab Advisory Database•added 2025/09/17 12:0 a.m.•10 views

DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error

We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug. golang...

6.9CVSS7.1AI score0.00075EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2024/05/23 12:0 a.m.•3 views

PT-2024-30737 · Jenkins · Cas

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue does not validate a path generated with user input when downloading files, allowing an unauthenticated user to download arbitrary files from t...

7.5CVSS7.2AI score0.00327EPSS

Exploits1References3

Snyk•added 2023/10/11 9:0 p.m.•1 views

Malicious Package

Overview Pathoschild.Stardew.Mod.BuildConfig is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on t...

9.8CVSS7.4AI score

Exploits0References2

The Hacker News•added 2023/07/31 1:38 p.m.•55 views

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

The P2PInfect peer-to-peer P2 worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. "The malware compromises exposed instances of the Redis data store by exploiting the replication feature," Cado Security...

10CVSS9.1AI score0.94398EPSS

Exploits8