Lucene search
K

38 matches found

vulnersOsv
vulnersOsv
added 2026/04/22 8:23 p.m.7 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41673 Source advisory:...

8.7CVSS5.8AI score0.00643EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:23 p.m.9 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41673 Source advisory:...

8.7CVSS5.8AI score0.00643EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:19 p.m.9 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41674 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41674 Source advisory:...

8.7CVSS5.8AI score0.00457EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:16 p.m.8 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41672 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41672 Source advisory:...

8.7CVSS5.8AI score0.00365EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/28 9:16 p.m.5 views

CVE-2026-24873

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

CVE-2026-24873

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 4:16 p.m.5 views

CVE-2026-24873

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 3:53 p.m.1 views

CVE-2026-24873

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 3:53 p.m.3 views

CVE-2026-24873 Out-of-bounds read in lpp-vita

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 3:53 p.m.22 views

CVE-2026-24873 Out-of-bounds read in lpp-vita

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 3:53 p.m.10 views

CVE-2026-24873

CVE-2026-24873 describes an out-of-bounds read vulnerability in Rinnegatamante lpp-vita affecting versions before lpp-vita r6. The issue is categorized as a high-severity flaw with a CVSS 3.1 score of 7.8 (LOCAL access, low attack complexity, no privileges required, user interaction needed, scope...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 3:53 p.m.3 views

EUVD-2026-4800

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.5 views

Lua Player Plus Vita security vulnerability

Lua Player Plus Vita is a script interpreter developed by Alessio Tosto as an individual project. Prior versions of Lua Player Plus Vita R6 had security vulnerabilities, which stemmed from out-of-bounds read operations...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4962

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-15166

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00162EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/17 2:59 p.m.14 views

CVE-2025-4701

A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local ho...

5.3CVSS6.8AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 3:16 p.m.10 views

CVE-2025-4701

A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local ho...

5.3CVSS0.00162EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/15 2:31 p.m.9 views

CVE-2025-4701 VITA-MLLM Freeze-Omni utils.py torch.load deserialization

A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local ho...

5.3CVSS6.8AI score0.00162EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/15 2:31 p.m.18 views

CVE-2025-4701 VITA-MLLM Freeze-Omni utils.py torch.load deserialization

A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local ho...

5.3CVSS0.00162EPSS
Exploits0References4
CVE
CVE
added 2025/05/15 2:31 p.m.55 views

CVE-2025-4701

The CVE-2025-4701 issue affects VITA-MLLM Freeze-Omni (up to 20250421), specifically the torch.load usage in models/utils.py where improper handling of the path argument enables deserialization and a potential local-host exploit. Root cause: manipulation of the path parameter in torch.load leads ...

5.3CVSS5.3AI score0.00162EPSS
Exploits0References4
Rows per page
Query Builder