Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by improper validation of certificate-hostname mismatches...

7.3CVSS5.8AI score0.00632EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 9:17 p.m.7 views

UBUNTU-CVE-2026-27953

ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...

9.8CVSS5.6AI score0.01192EPSS
Exploits1References3
OSV
OSV
added 2023/11/06 5:15 p.m.4 views

AZL-31787 CVE-2023-40660 affecting package opensc for versions less than 0.23.0-4

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock a...

6.6CVSS6.8AI score0.00925EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/11/22 9:30 p.m.5 views

br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-reactive-deployment (=1.0.4) +213 more potentially affected by CVE-2022-4116 via io.quarkus:quarkus-vertx-http-deployment (>=0.23.0 <=2.13.4.Final)

io.quarkus:quarkus-vertx-http-deployment MAVEN version =0.23.0, =0.1.5, =1.5.0-Alpha2, =1.0.0, =1.1.0, =0.0.10, =1.0.0, =1.0.0-RC3, =0.4.0, =0.4.0, =0.4.0, =0.20.0 and more Source cves: CVE-2022-4116 Source advisory: OSV:GHSA-G56W-CWG4-HXX9https://vulners.com/osv/OSV:GHSA...

9.8CVSS7.3AI score0.32516EPSS
Exploits0
CNVD
CNVD
added 2020/05/18 12:0 a.m.2 views

scikit-learn code issue vulnerability

scikit-learn is an open-source Python-based machine learning package that supports features such as spam detection, image recognition, and prediction of continuous-valued attributes of associations. A code issue vulnerability exists in scikit-learn sklearn 0.23.0 and earlier versions, which can b...

9.8CVSS7.3AI score0.02645EPSS
Exploits1References1
Rows per page
Query Builder