193 matches found
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5565 via vanna (>=0.0.30 <=0.0.36)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5565 Source advisory: OSV:GHSA-7735-W2JP-GVG6...
A Bootiful Podcast: Spring trainer extraordinairre Patrick Baumgartner
Hi, Spring fans! In this installment, I talked to Spring trainer extraordinaire, long-time community contributor, and Voxxed Days co-organizer for various shows in Switzerland. This talk was recorded live at Voxxed Days CERN!...
WordPress fitness-trainer Plugin < 1.4.1 is vulnerable to Privilege Escalation
Software fitness-trainer Type Plugin Vulnerable versions 1.4.1 Fixed in 1.4.1 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 4ffd920db47c Credits Omar Badran Required privilege...
CVE-2017-20181
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...
CVE-2017-20181
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...
CVE-2017-20181 hgzojer Vocable Trainer VocableTrainerProvider.java path traversal
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...
CVE-2017-20181
CVE-2017-20181 affects hgzojer Vocable Trainer for Android up to 1.3.0. The issue resides in VocableTrainerProvider.java and enables path traversal; local access is required for an exploit. A fix is available in version 1.3.1 via patch accf6838078f8eb105cfc7865aba5c705fb68426. References indicate...
CVE-2017-20181 hgzojer Vocable Trainer VocableTrainerProvider.java path traversal
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to...
PT-2023-10632 · Unknown · Vocable Trainer
Name of the Vulnerable Software and Affected Versions: hgzojer Vocable Trainer versions up to 1.3.0 Description: A critical vulnerability was found in the hgzojer Vocable Trainer, affecting unknown code of the file VocableTrainerProvider.java. The manipulation leads to path traversal, and attacki...
CVE-2014-125039
A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...
CVE-2014-125039
CVE-2014-125039 affects kkokko NeoXplora, specifically the Trainer Handler component, with a cross-site scripting vulnerability. The issue can be manipulated remotely and has multiple corroborating entries (NVD, Red Hat, CVE list, PRION, Vulners enrichments, PT-Security) indicating an XSS flaw in...
CVE-2014-125039 kkokko NeoXplora Trainer cross site scripting
A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...
NeoXplora 跨站脚本漏洞
NeoXplora is an application by kkokko Personal Developer. NeoXplora suffers from a cross-site scripting vulnerability that stems from some unknown functionality of the component Trainer Handler, which leads to cross-site scripting...
PT-2023-10109 · Unknown · Kkokko Neoxplora
Name of the Vulnerable Software and Affected Versions: kkokko NeoXplora affected versions not specified Description: A problematic issue has been found in the component Trainer Handler of kkokko NeoXplora, leading to cross site scripting. The manipulation can be launched remotely. Recommendations...
CVE-2022-2745 SourceCodester Gym Management System Add New Trainer add_trainers.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/addtrainers.php of the component Add New Trainer. The manipulation of the argument trainername leads to sql injection. It is possible to initiate t...
PT-2022-18431 · Sourcecodester · Sourcecodester Gym Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Gym Management System affected versions not specified Description: A critical issue was found in the SourceCodester Gym Management System, affecting the /admin/add trainers.php file of the Add New Trainer component. The...
Gym Management System SQL注入漏洞
Gym Management System is a gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A SQL injection vulnerabilit...
GHSA-R5QJ-CVF9-P85H Code Injection in PyTorch Lightning
PyTorch Lightning version 1.5.10 and prior is vulnerable to code injection. An attacker could execute commands on the target OS running the operating system by setting the PLTRAINERGPUS when using the Trainer module. A patch is included in the 1.6.0 release...
Code Injection in PyTorch Lightning
PyTorch Lightning version 1.5.10 and prior is vulnerable to code injection. An attacker could execute commands on the target OS running the operating system by setting the PLTRAINERGPUS when using the Trainer module. A patch is included in the 1.6.0 release...