Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29218

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.0059EPSS
Exploits0References2
OSV
OSV
added 2025/09/15 5:15 p.m.4 views

CVE-2025-59328

A vulnerability in Apache Fory allows a remote attacker to cause a Denial of Service DoS. The issue stems from the insecure deserialization of untrusted data. An attacker can supply a large, specially crafted data payload that, when processed, consumes an excessive amount of CPU resources during...

6.5CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 4:43 p.m.6 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can exhaust CPU resources and render the application or system unresponsive by submitting a large, specially crafted data payload. Details Serialization is a...

8.7CVSS6.7AI score0.0059EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/15 4:26 p.m.2 views

CVE-2025-59328 Apache Fory: Denial of Service (DoS) due to Deserialization of Untrusted malicious large Data

A vulnerability in Apache Fory allows a remote attacker to cause a Denial of Service DoS. The issue stems from the insecure deserialization of untrusted data. An attacker can supply a large, specially crafted data payload that, when processed, consumes an excessive amount of CPU resources during...

6.7AI score0.0059EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.9 views

PT-2025-37727

Name of the Vulnerable Software and Affected Versions: Apache Fory versions prior to 0.12.2 Description: A vulnerability in Apache Fory allows a remote attacker to cause a Denial of Service DoS. The issue is due to the insecure deserialization of untrusted data. An attacker can provide a large,...

6.5CVSS6.7AI score0.0059EPSS
Exploits0References11
Snyk
Snyk
added 2022/01/24 9:10 a.m.3 views

Prototype Pollution

Overview appwrite/server-ce is an End to end backend server for frontend and mobile apps. Affected versions of this package are vulnerable to Prototype Pollution. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leadi...

9.8CVSS6.7AI score0.02085EPSS
Exploits1References2
PyPA
PyPA
added 2020/12/01 9:15 p.m.9 views

PYSEC-2020-68

OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated in jupyterhub 1.2 configuration Authenticator.whitelist, which should be transparently mapped to Authenticator.allowedusers with a warning, is instead ignored by...

6.3CVSS6.8AI score0.01108EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder