EUVD-2024-30909

Malicious code in bioql PyPI...

EUVD-2024-35190

Malicious code in bioql PyPI...

EUVD-2024-54610

Malicious code in bioql PyPI...

EUVD-2024-35187

Malicious code in bioql PyPI...

EUVD-2023-1607

Malicious code in bioql PyPI...

EUVD-2025-8020

Malicious code in bioql PyPI...

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

...

PYSEC-2025-205

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

CVE-2025-55557

A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service DoS...

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sysauth$pic, 1 function, which utilizes a hard-coded key McEncryptionKey bD2voYwPpNuJ7B8, defined in the...

CVE-2025-50234

Summary: MCCMS v2.7.0 contains an SSRF vulnerability in the index() method of sys/apps/controllers/api/Gf.php where the pic parameter is decrypted via sys_auth($pic,1) using a hard-coded key Mc_Encryption_Key (bD2voYwPpNuJ7B8) defined in db.php. The decrypted URL is passed to geturl(), which uses...

CVE-2025-51651

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request...

CVE-2025-51651

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request...

CVE-2023-41591

CVE-2023-41591 affects Open Network Foundation ONOS v2.7.0. The issue allows an attacker to create fake IP/MAC addresses, enabling potential man-in-the-middle attacks between spoofed and legitimate hosts. The Red Hat and NVD/NVDA references describe the same impact. Snyk reports org.onosproject:o...

CVE-2024-53423

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service DoS via supplying crafted packets...

CVE-2024-53423

CVE-2024-53423 concerns Open Network Foundation ONOS v2.7.0 where attackers can cause a Denial of Service by sending crafted packets. The entry is supported by multiple sources (NVD, CVE records, Red Hat advisory, OSV, CNNVD, PT Security). CVSS v3.1 base score is 5.6 (Network, Low/Low/Low impacts...

CVE-2024-33148

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the list function...

CVE-2024-36542

Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...

CVE-2025-29312

An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct...

CVE-2025-29310

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information...