Lucene search
K

8 matches found

Snyk
Snyk
added 2025/09/24 1:43 p.m.2 views

Arbitrary Code Injection

Overview megatron-core is a Megatron Core - a library for efficient and scalable training of transformer based models Affected versions of this package are vulnerable to Arbitrary Code Injection via the msdp\preprocessing script. An attacker can execute arbitrary code and escalate privileges...

8.5CVSS8.3AI score0.0022EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/27 12:0 a.m.4 views

PT-2023-9825

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.1 Description Gogs, an open-source self-hosted Git service, has an issue that allows a malicious user to write a file to an arbitrary path on the server, potentially gaining SSH access. The vulnerability resides in...

9.9CVSS8.2AI score0.75197EPSS
Exploits5References50
Positive Technologies
Positive Technologies
added 2023/04/20 12:0 a.m.3 views

PT-2023-9258

Name of the Vulnerable Software and Affected Versions Gogs versions through 0.13.0 Description The issue is related to argument injection during the previewing of changes, which can allow a remote attacker to execute arbitrary commands. Unprivileged user accounts can write to arbitrary files on t...

9.9CVSS6.4AI score0.1718EPSS
Exploits1References26
OSV
OSV
added 2022/09/06 12:0 a.m.3 views

GHSA-C86F-9GRV-PMQF Apache IoTDB grafana-connector contains an interface without authorization

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of a database. Users should upgrade to version 0.13.1, which addresses this issue...

7.5CVSS5.8AI score0.01146EPSS
Exploits0References5
OSV
OSV
added 2022/09/06 12:0 a.m.2 views

GHSA-G6VM-3CH8-C6JQ Apache IoTDB Session Fixation vulnerability

Apache IoTDB version 0.13.0 is vulnerable to session id attack. Users should upgrade to version 0.13.1 which addresses this issue...

8.8CVSS7.2AI score0.01089EPSS
Exploits0References5
OSV
OSV
added 2022/09/05 10:15 a.m.53 views

PYSEC-2022-43069

Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue...

8.8CVSS8.6AI score0.01089EPSS
Exploits0References5
Snyk
Snyk
added 2021/06/08 10:49 a.m.3 views

Information Exposure

Overview foremanfogproxmox is a Foreman plugin adds Proxmox VE compute resource using fog-proxmox. It is compatible with Foreman 1.22+. Affected versions of this package are vulnerable to Information Exposure. A password leak was identified on Foreman project which will expose Proxmox compute...

7.8CVSS6.9AI score0.00273EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2017/05/02 12:0 a.m.4 views

PT-2017-8498 · Apache +1 · Apache Qpid Proton +1

Name of the Vulnerable Software and Affected Versions: Apache Qpid Proton library versions prior to 0.13.1 Description: The issue concerns the C client and C-based client bindings in the Apache Qpid Proton library, which do not properly verify the server hostname against the domain name in the...

6.5CVSS6.3AI score0.04267EPSS
Exploits0References9
Rows per page
Query Builder