
10 matches found

IBM Security Bulletins
added 2026/04/03 9:37 p.m. · 9 views

Security Bulletin: IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file

Summary: IBM Langflow Desktop supports retrieval-augmented generation (RAG) workflows through its FAISS Vector Store component, which loads persisted vector indexes and associated metadata from disk. A vulnerability in the FAISS component arises from unsafe deserialization of Python Pickle files,...

CVSS 8.8 · AI score 6.7 · EPSS 0.00466
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2025/08/21 12:0 a.m. · 5 views

PT-2025-34267 · Phproject · Phproject

Name of the Vulnerable Software and Affected Versions: Phproject versions 1.8.0 through 1.8.2 Description: Phproject is a high-performance, full-featured project management system. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Planned Hours field when creating a new project. A...

CVSS 6.9 · AI score 5.8 · EPSS 0.00377
Exploits: 0 · References: 5

RedhatCVE
added 2025/05/23 9:21 a.m. · 4 views

CVE-2024-3078

A vulnerability was found in Qdrant up to 1.6.1/1.7.4/1.8.2 and classified as critical. This issue affects some unknown processing of the file lib/collection/src/collection/snapshots.rs of the component Full Snapshot REST API. The manipulation leads to path traversal. Upgrading to version 1.8.3 i...

CVSS 9.8 · AI score 7.2 · EPSS 0.00874
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 6:2 a.m. · 5 views

CVE-2023-28839

Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platform to synchronize data. The module Shoppingfeed for PrestaShop is vulnerable to SQL injection between version 1.4.0 and 1.8.2 due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Users are advis...

CVSS 9.8 · AI score 7.9 · EPSS 0.00752
Exploits: 0 · References: 1

SUSE CVE
added 2025/01/17 12:22 a.m. · 4 views

SUSE CVE-2024-56323

OpenFGA is an authorization/permission engine. OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

CVSS 9.8 · AI score 7 · EPSS 0.00428
Exploits: 0 · References: 4

Positive Technologies
added 2025/01/13 12:0 a.m. · 4 views

PT-2025-3267

Name of the Vulnerable Software and Affected Versions: OpenFGA versions 1.3.8 through 1.8.2 Description: The issue concerns an authorization bypass in OpenFGA under specific conditions, including calling Check API or ListObjects with a model that uses conditions, and OpenFGA being configured with...

CVSS 9.8 · AI score 7.5 · EPSS 0.0104
Exploits: 2 · References: 92

Positive Technologies
added 2024/03/12 12:0 a.m. · 6 views

PT-2024-22270 · Unknown · Peering Manager

Name of the Vulnerable Software and Affected Versions: Peering Manager versions 1.8.2 and earlier Description: The issue allows users to be redirected to an arbitrary page using a crafted URL, potentially leading to unexpected locations. This is a result of a flaw in the BGP session management...

CVSS 6.1 · AI score 6.8 · EPSS 0.00406
Exploits: 1 · References: 6

Positive Technologies
added 2024/03/12 12:0 a.m. · 4 views

PT-2024-22269 · Unknown · Peering Manager

Name of the Vulnerable Software and Affected Versions: Peering Manager versions prior to 1.8.3 Description: Peering Manager is a BGP session management tool. Affected versions of Peering Manager are subject to a potential stored Cross-Site Scripting (XSS) attack in the name attribute of AS or...

CVSS 6.1 · AI score 5.6 · EPSS 0.00323
Exploits: 0 · References: 9

Positive Technologies
added 2023/04/18 12:0 a.m. · 3 views

PT-2023-21999 · Prestashop · Shoppingfeed Prestashop

Name of the Vulnerable Software and Affected Versions: Shoppingfeed PrestaShop versions 1.4.0 through 1.8.2 Description: The Shoppingfeed PrestaShop module is vulnerable to SQL injection due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Recommendations: For...

CVSS 9.8 · AI score 9.8 · EPSS 0.00752
Exploits: 0 · References: 7

Positive Technologies
added 2015/07/14 12:0 a.m. · 8 views

PT-2015-6780 · Django Software Foundation +1 · Django +1

Name of the Vulnerable Software and Affected Versions: Django versions 1.8.0 through 1.8.2 Description: The issue allows remote attackers to cause a denial of service, specifically CPU consumption, via unspecified vectors. This is related to the validators.URLValidator in Django. Recommendations:...

CVSS 9.8 · AI score 6.5 · EPSS 0.87218
Exploits: 29 · References: 93