Lucene search
K

193 matches found

vulnersOsv
vulnersOsv
added 2024/05/31 3:30 p.m.6 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5565 via vanna (>=0.0.30 <=0.0.36)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5565 Source advisory: OSV:GHSA-7735-W2JP-GVG6...

8.1CVSS7.4AI score0.14956EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2024/01/25 12:0 a.m.12 views

A Bootiful Podcast: Spring trainer extraordinairre Patrick Baumgartner

Hi, Spring fans! In this installment, I talked to Spring trainer extraordinaire, long-time community contributor, and Voxxed Days co-organizer for various shows in Switzerland. This talk was recorded live at Voxxed Days CERN!...

7.2AI score
Exploits0
Patchstack
Patchstack
added 2023/03/28 12:0 a.m.28 views

WordPress fitness-trainer Plugin < 1.4.1 is vulnerable to Privilege Escalation

Software fitness-trainer Type Plugin Vulnerable versions 1.4.1 Fixed in 1.4.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 4ffd920db47c Credits Omar Badran Required privilege...

8.8CVSS8.6AI score0.00905EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2023/03/07 12:15 a.m.21 views

CVE-2017-20181

A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...

5.5CVSS5.6AI score0.00266EPSS
Exploits0References4
OSV
OSV
added 2023/03/07 12:15 a.m.14 views

CVE-2017-20181

A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...

5.5CVSS6AI score
Exploits0References4
Cvelist
Cvelist
added 2023/03/06 11:31 p.m.22 views

CVE-2017-20181 hgzojer Vocable Trainer VocableTrainerProvider.java path traversal

A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...

5.3CVSS5.7AI score0.00266EPSS
Exploits0References4
CVE
CVE
added 2023/03/06 11:31 p.m.119 views

CVE-2017-20181

CVE-2017-20181 affects hgzojer Vocable Trainer for Android up to 1.3.0. The issue resides in VocableTrainerProvider.java and enables path traversal; local access is required for an exploit. A fix is available in version 1.3.1 via patch accf6838078f8eb105cfc7865aba5c705fb68426. References indicate...

5.5CVSS5.5AI score0.00266EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/06 11:31 p.m.9 views

CVE-2017-20181 hgzojer Vocable Trainer VocableTrainerProvider.java path traversal

A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...

5.3CVSS7.4AI score0.00266EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.5 views

PT-2023-10632 · Unknown · Vocable Trainer

Name of the Vulnerable Software and Affected Versions: hgzojer Vocable Trainer versions up to 1.3.0 Description: A critical vulnerability was found in the hgzojer Vocable Trainer, affecting unknown code of the file VocableTrainerProvider.java. The manipulation leads to path traversal, and attacki...

5.5CVSS5.7AI score0.00266EPSS
Exploits0References8
NVD
NVD
added 2023/01/04 10:15 a.m.15 views

CVE-2014-125039

A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

6.1CVSS4.5AI score0.00511EPSS
Exploits0References3
Prion
Prion
added 2023/01/04 10:15 a.m.17 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

4CVSS6.5AI score0.00511EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/01/04 9:12 a.m.71 views

CVE-2014-125039

CVE-2014-125039 affects kkokko NeoXplora, specifically the Trainer Handler component, with a cross-site scripting vulnerability. The issue can be manipulated remotely and has multiple corroborating entries (NVD, Red Hat, CVE list, PRION, Vulners enrichments, PT-Security) indicating an XSS flaw in...

6.1CVSS4.5AI score0.00511EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/04 9:12 a.m.8 views

CVE-2014-125039 kkokko NeoXplora Trainer cross site scripting

A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

4CVSS6.3AI score0.00511EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/04 12:0 a.m.4 views

NeoXplora 跨站脚本漏洞

NeoXplora is an application by kkokko Personal Developer. NeoXplora suffers from a cross-site scripting vulnerability that stems from some unknown functionality of the component Trainer Handler, which leads to cross-site scripting...

6.1CVSS4.2AI score0.00511EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/04 12:0 a.m.3 views

PT-2023-10109 · Unknown · Kkokko Neoxplora

Name of the Vulnerable Software and Affected Versions: kkokko NeoXplora affected versions not specified Description: A problematic issue has been found in the component Trainer Handler of kkokko NeoXplora, leading to cross site scripting. The manipulation can be launched remotely. Recommendations...

6.1CVSS6.6AI score0.00511EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/08/11 4:55 a.m.23 views

CVE-2022-2745 SourceCodester Gym Management System Add New Trainer add_trainers.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/addtrainers.php of the component Add New Trainer. The manipulation of the argument trainername leads to sql injection. It is possible to initiate t...

6.3CVSS10AI score0.00466EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.5 views

PT-2022-18431 · Sourcecodester · Sourcecodester Gym Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Gym Management System affected versions not specified Description: A critical issue was found in the SourceCodester Gym Management System, affecting the /admin/add trainers.php file of the Add New Trainer component. The...

9.8CVSS9.3AI score0.00466EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.3 views

Gym Management System SQL注入漏洞

Gym Management System is a gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A SQL injection vulnerabilit...

9.8CVSS8.6AI score0.00466EPSS
Exploits0References2
OSV
OSV
added 2022/03/06 12:0 a.m.41 views

GHSA-R5QJ-CVF9-P85H Code Injection in PyTorch Lightning

PyTorch Lightning version 1.5.10 and prior is vulnerable to code injection. An attacker could execute commands on the target OS running the operating system by setting the PLTRAINERGPUS when using the Trainer module. A patch is included in the 1.6.0 release...

9.8CVSS8.9AI score0.00965EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/03/06 12:0 a.m.37 views

Code Injection in PyTorch Lightning

PyTorch Lightning version 1.5.10 and prior is vulnerable to code injection. An attacker could execute commands on the target OS running the operating system by setting the PLTRAINERGPUS when using the Trainer module. A patch is included in the 1.6.0 release...

10CVSS4.4AI score0.00965EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder