amlr (>=0.3.6 <=0.4.1), atlantic (>=0.0.92 <=2.0.30) +25 more potentially affected by CVE-2024-7765 via h2o (>=3.44.0.3 <=3.46.0.11)

h2o PYPI version =3.44.0.3, =0.3.6, =0.0.92, =1.0.81, =2019.9.10.14.39.5, =1.0.1, =0.1.20, =0.1.0, =0.1.2, =0.3.2, =0.6.0, =1.0.1.1.4, =0.4.0.dev3, =0.1.0, =0.1.7 - mgoaiwrkpi =0.0.4 - mi =2020.3.4.13.39.35 and more Source cves: CVE-2024-7765 Source advisory: OSV:GHSA-6W62-3JVJ-MFJ6...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2024-6863 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-6863 Source advisory: SNYK:JAVA-AIH2O-9486741...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-12777 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-12777 Source advisory: SNYK:PYTHON-AIM-9511133...

corradin-opioid-project (=0.1.0), eensight (>=1.0.0 <=1.0.2) +44 more potentially affected by CVE-2024-12215 via kedro (>=0.15.9 <=0.19.8)

kedro PYPI version =0.15.9, =1.0.0, =0.1.0, =0.1.0, =0.1.9, =0.1.0, =0.0.4, =0.1.0, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2024-12215 Source advisory: OSV:GHSA-RM69-WVPV-R2W7...

aiagentgraph (>=0.0.1 <=0.0.4a1), arcodeai (>=0.1.0 <=0.1.2) +49 more potentially affected by CVE-2024-10940 via langchain-core (>=0.2.0 <=0.2.41)

langchain-core PYPI version =0.2.0, =0.0.1, =0.1.0, =0.1.1, =0.4.1, =0.1.0, =0.1.3, =0.1.3, =0.0.1, =1.0.0, =0.1.4, =0.1.2, =0.3.1 and more Source cves: CVE-2024-10940 Source advisory: OSV:GHSA-5CHR-FJJV-38QV...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-10110 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-10110 Source advisory: SNYK:PYTHON-AIM-9511139...

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2024-6841 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2024-6841 Source advisory: SNYK:PYTHON-VANNA-9680143...

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2024-8055 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2024-8055 Source advisory: SNYK:PYTHON-VANNA-9667555...

CVE-2025-1473

In MLflow (mlflow/mlflow), a CSRF vulnerability affects versions 2.17.0 to 2.20.1 in the Signup feature, allowing an attacker to create a new account and potentially perform unauthorized actions on behalf of the attacker’s account. The CVE-2025-1473 entry documents the flaw and its impact as Cros...

CVE-2025-22472

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to...

CVE-2024-49559

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2024-12992

Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE. This issue affects Pandora FMS from 700 to 777.6...

Dassault Systèmes ENOVIA Collaborative Industry Innovator 安全漏洞

Dassault Systèmes ENOVIA Collaborative Industry Innovator is an essential toolset for real-time, secure and structured collaboration and product content management for an engineering team at Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes ENOVIA Collaborative Indust...

Pandora FMS 安全漏洞

Pandora FMS is a monitoring system from Pandora FMS, USA. The system monitors networks, servers, virtual infrastructures, applications, etc. through visualization. A security vulnerability exists in Pandora FMS versions 700 through 777.6, which stems from improper neutralization of special elemen...

@akanjs/config (>=0.0.4 <=0.0.16), @akanjs/nest (>=0.0.4 <=0.0.16) +324 more potentially affected by CVE-2024-29409 via @nestjs/common (>=10.0.0 <=10.4.15)

@nestjs/common NPM version =10.0.0, =0.0.4, =0.0.4, =0.0.4, =1.1.5, =10.0.0, =10.2.2, =1.0.0, =0.0.67, =0.0.56, =1.0.1-dev.17, =0.399.0, =2.2.7-bb.3, =2.2.7-bb.7 and more Source cves: CVE-2024-29409 Source advisory: OSV:GHSA-CJ7V-W2C7-CP7C...

CVE-2024-55594

An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests...

CVE-2025-0652

CVE-2025-0652 affects GitLab EE/CE versions 16.9–17.7.6, 17.8.x prior to 17.8.5, and 17.9.x prior to 17.9.2. The issue enables unauthorized users to access confidential information intended for internal use. The published entries consistently describe this as an incorrect/unauthorized access auth...

Apache Traffic Server Access Control Error Vulnerability

Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. A security vulnerability exists in Apache Traffic Server versions 10.0.0 through 10.0.3, and no detailed vulnerability details are provided at this time...

MariaDB DoS Vulnerability (MDEV-32084)

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

org.apache.nifi:nifi-mongodb-processors (>=2.0.0 <=2.2.0), org.apache.nifi:nifi-mongodb-services-nar (>=1.4.0 <=2.2.0) potentially affected by CVE-2025-27017 via org.apache.nifi:nifi-mongodb-services (>=1.13.0 <=2.2.0)

org.apache.nifi:nifi-mongodb-services MAVEN version =1.13.0, =2.0.0, =1.4.0, =2.2.0 Source cves: CVE-2025-27017 Source advisory: OSV:GHSA-35GQ-CVRM-XF94...