Lucene search
K

5 matches found

Amazon
Amazon
added 2026/04/01 12:0 a.m.11 views

Medium: python-pyasn1

Issue Overview: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands o...

7.5CVSS6.8AI score0.00679EPSS
Exploits1
Snyk
Snyk
added 2026/02/09 8:53 p.m.4 views

Server-side Request Forgery (SSRF)

Overview langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to the improper validation of apiurl and apikey fields in baggage headers in RunTree.fromheaders and...

7.5CVSS5.9AI score0.00282EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/30 5:1 p.m.4 views

Arbitrary Command Injection

Overview figma-developer-mcp is a Give your coding agent access to your Figma data. Implement designs in any framework in one-shot. Affected versions of this package are vulnerable to Arbitrary Command Injection via the childprocess.exec call using unvalidated user input directly within...

8CVSS7.9AI score0.07417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/12 12:0 a.m.3 views

PT-2024-24184 · Rizin · Rizin

Name of the Vulnerable Software and Affected Versions: rizin versions prior to 0.6.3 Description: The issue is related to a buffer overflow that can occur via the create cache bins, read cache accel, and rz dyldcache new buf functions in librz/bin/format/mach0/dyldcache.c. This can potentially le...

6.3CVSS7.1AI score0.00272EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/13 12:0 a.m.6 views

PT-2023-21225 · Maddy · Maddy

Name of the Vulnerable Software and Affected Versions: maddy versions 0.2.0 through 0.6.2 Description: The issue allows for a full authentication bypass if a SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified username, it i...

9.8CVSS7.6AI score0.01019EPSS
Exploits0References9
Rows per page
Query Builder