Lucene search
K

509 matches found

Cvelist
Cvelist
added 2025/12/23 9:4 p.m.27 views

CVE-2025-14928 Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS0.00278EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.13 views

CVE-2025-14928 Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.5AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.4 views

CVE-2025-14928 Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References3
CVE
CVE
added 2025/12/23 9:4 p.m.16 views

CVE-2025-14928

CVE-2025-14928 – Hugging Face Transformers HuBERT convert_config code execution . A flaw in convert_config fails to validate a user-supplied string before using it to execute Python code, enabling arbitrary code execution when processing a malicious HuBERT checkpoint. Affected product: Hugging Fa...

7.8CVSS7.9AI score0.00278EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.24 views

CVE-2025-14924 Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.2 views

CVE-2025-14924 Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS7.3AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:4 p.m.23 views

CVE-2025-14924

Summary: CVE-2025-14924 affects Hugging Face Transformers megatron_gpt2. The vulnerability arises during the parsing of checkpoints, where user-supplied data is not properly validated, allowing deserialization of untrusted data and resulting in arbitrary code execution in the current process. Imp...

7.8CVSS7.9AI score0.00262EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/23 9:4 p.m.4 views

CVE-2025-14924 Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.3 views

CVE-2025-14920 Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability ...

7.8CVSS7.3AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:4 p.m.19 views

CVE-2025-14920

CVE-2025-14920 affects Hugging Face Transformers Perceiver Model with a deserialization of untrusted data in model files, enabling arbitrary code execution in the context of the current user when a user opens a malicious model/file or visits a crafted page. Impact details align with multiple sour...

7.8CVSS7.9AI score0.00262EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.28 views

CVE-2025-14920 Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability ...

7.8CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.26 views

CVE-2025-14926 Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

7.8CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.4 views

CVE-2025-14926 Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.2 views

CVE-2025-14926 Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

7.8CVSS7.5AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:4 p.m.20 views

CVE-2025-14926

Hugging Face Transformers SEW convert_config vulnerability (CVE-2025-14926) affects the Transformers library. The flaw is in convert_config: it does not validate a user-supplied string before using it to execute Python code, enabling arbitrary code execution in the attacker’s context when a malic...

7.8CVSS7.9AI score0.00278EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/23 9:4 p.m.20 views

CVE-2025-14927

The CVE-2025-14927 issue affects Hugging Face Transformers SEW-D, specifically the convert_config function. The flaw results from insufficient validation of a user-supplied string before it is used to execute Python code, enabling arbitrary code execution in the caller’s context when converting a...

7.8CVSS7.9AI score0.00278EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.29 views

CVE-2025-14927 Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.8 views

CVE-2025-14927 Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/23 9:4 p.m.30 views

CVE-2025-14921 Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 9:4 p.m.5 views

CVE-2025-14921 Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...

7.8CVSS7.6AI score0.00262EPSS
Exploits0References3
Rows per page
Query Builder