Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

59 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 8:34 a.m.4 views

CVE-2024-41116

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 1254 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 1345, leading to remote code...

9.8CVSS9.7AI score0.0196EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 8:34 a.m.7 views

CVE-2024-41117

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 115 in pages/10🌍EarthEngineDatasets.py takes user input, which is later used in the eval function on line 126, leading to remote...

9.8CVSS9.7AI score0.02335EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 8:33 a.m.8 views

CVE-2024-41113

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 383 or line 390 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 395, leading to remote...

9.8CVSS9.7AI score0.01559EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-38932

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.01559EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/02/05 7:52 a.m.11 views

CVE-2024-41118

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 47 of pages/7📦WebMapService.py takes user input, which is passed to getlayers function, in which url is used with getwmslayer method...

9.8CVSS9.4AI score0.00214EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/05 7:51 a.m.4 views

CVE-2024-41114

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 435, leading to remote code executio...

9.8CVSS9.7AI score0.01307EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/05 7:42 a.m.2 views

CVE-2024-41115

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 488 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 493, leading to remote code executio...

9.8CVSS9.7AI score0.01121EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/05 7:41 a.m.6 views

CVE-2024-41120

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9🔲VectorDataVisualization.py takes user input, which is later passed to the gpd.readfile method. gpd.readfile method create...

9.8CVSS9.5AI score0.0024EPSS
Exploits1References1
NVD
NVDadded 2024/07/26 9:15 p.m.18 views

CVE-2024-41120

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9🔲VectorDataVisualization.py takes user input, which is later passed to the gpd.readfile method. gpd.readfile method create...

9.8CVSS0.0024EPSS
Exploits1References4
NVD
NVDadded 2024/07/26 9:15 p.m.14 views

CVE-2024-41117

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 115 in pages/10🌍EarthEngineDatasets.py takes user input, which is later used in the eval function on line 126, leading to remote...

9.8CVSS0.02335EPSS
Exploits1References4
NVD
NVDadded 2024/07/26 9:15 p.m.19 views

CVE-2024-41118

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 47 of pages/7📦WebMapService.py takes user input, which is passed to getlayers function, in which url is used with getwmslayer method...

9.8CVSS0.00214EPSS
Exploits1References5
NVD
NVDadded 2024/07/26 9:15 p.m.11 views

CVE-2024-41119

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 80 in 8🏜️RasterDataVisualization.py takes user input, which is later used in the eval function on line 86, leading to remote code...

9.8CVSS0.01559EPSS
Exploits1References4
NVD
NVDadded 2024/07/26 9:15 p.m.11 views

CVE-2024-41115

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 488 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 493, leading to remote code executio...

9.8CVSS0.01121EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/07/26 8:57 p.m.19 views

CVE-2024-41120 streamlit-geospatial blind SSRF in pages/9_🔲_Vector_Data_Visualization.py

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9🔲VectorDataVisualization.py takes user input, which is later passed to the gpd.readfile method. gpd.readfile method create...

9.8CVSS0.0024EPSS
Exploits1References4
OSV
OSVadded 2024/07/26 8:57 p.m.9 views

CVE-2024-41120 streamlit-geospatial blind SSRF in pages/9_🔲_Vector_Data_Visualization.py

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9🔲VectorDataVisualization.py takes user input, which is later passed to the gpd.readfile method. gpd.readfile method create...

9.8CVSS6.9AI score0.0024EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2024/07/26 8:57 p.m.13 views

CVE-2024-41120 streamlit-geospatial blind SSRF in pages/9_🔲_Vector_Data_Visualization.py

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9🔲VectorDataVisualization.py takes user input, which is later passed to the gpd.readfile method. gpd.readfile method create...

9.8CVSS7AI score0.0024EPSS
Exploits1References4
CVE
CVEadded 2024/07/26 8:57 p.m.46 views

CVE-2024-41120

Affected software: streamlit-geospatial (a Streamlit multipage geospatial app). Technical issue: the url variable in pages/9_🔲_Vector_Data_Visualization.py accepts user input and passes it to gpd.read_file, which can trigger requests to arbitrary destinations. Impact described as blind server-sid...

9.8CVSS9.6AI score0.0024EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/26 8:54 p.m.18 views

CVE-2024-41119 streamlit-geospatial remote code execution in pages/8_🏜️_Raster_Data_Visualization.py

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 80 in 8🏜️RasterDataVisualization.py takes user input, which is later used in the eval function on line 86, leading to remote code...

9.8CVSS7.7AI score0.01559EPSS
Exploits1References4
OSV
OSVadded 2024/07/26 8:54 p.m.5 views

CVE-2024-41119 streamlit-geospatial remote code execution in pages/8_🏜️_Raster_Data_Visualization.py

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 80 in 8🏜️RasterDataVisualization.py takes user input, which is later used in the eval function on line 86, leading to remote code...

9.8CVSS8AI score0.01559EPSS
Exploits1References6
CVE
CVEadded 2024/07/26 8:54 p.m.41 views

CVE-2024-41119

The CVE-2024-41119 entry concerns streamlit-geospatial. Affected component: the page 8_🏜️_Raster_Data_Visualization.py where the vis_params parameter accepts user input that is later used in eval(), enabling remote code execution prior to the fix (commit c4f81d9616d40c60584e36abb15300853a66e489). ...

9.8CVSS9.8AI score0.01559EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder