48 matches found
EUVD-2024-36196
Malicious code in bioql PyPI...
EUVD-2024-36199
Malicious code in bioql PyPI...
EUVD-2024-36197
Malicious code in bioql PyPI...
EUVD-2024-36195
Malicious code in bioql PyPI...
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-36732
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.tensordot...
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-48346
Affected software: xtreme1
CVE-2024-48346
xtreme1 = v0.9.1 contains a Server-Side Request Forgery SSRF vulnerability in the /api/data/upload path. The vulnerability is triggered through the fileUrl parameter, which allows an attacker to make arbitrary requests to internal or external systems...
CVE-2024-36735
OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating...
CVE-2024-36734
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting a negative value into the dim parameter...
CVE-2024-36730
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting negative values into the oneflow.zeros/ones parameter...
CVE-2024-36732
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.tensordot...
CVE-2024-36730
CVE-2024-36730 concerns OneFlow-Inc Oneflow v0.9.1 with improper input validation in the zeros/ones parameter, allowing a Denial of Service via negative values. The core issue is input validation weakness in creating arrays with negative inputs, leading to high-severity impact (per CVSS 3.1 data)...
CVE-2024-36730
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting negative values into the oneflow.zeros/ones parameter...
CVE-2024-36734
CVE-2024-36734 involves OneFlow-Inc. Oneflow v0.9.1, with an improper input validation in the dim parameter that can be exploited to cause a Denial of Service. The vulnerability is described across multiple sources as a DoS triggered by negative input values for dim, leading to availability impac...
CVE-2024-36735
CVE-2024-36735 affects OneFlow v0.9.1. The issue is that the parameter oneflow.eye being floating does not trigger an error or warning, potentially allowing silent misconfiguration. Exploitation details are not provided in the connected documents. The PT Security entry recommends restricting the ...
CVE-2024-36737
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting a negative value into the oneflow.full parameter...
CVE-2024-36736
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed...
CVE-2024-36736
CVE-2024-36736 affects OneFlow-Inc OneFlow v0.9.1, specifically the oneflow.permute component, where performing the same dimension operation yields an incorrect calculation. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction. Multiple sourc...