Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 5:35 a.m.12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses keras-3.10.0-py3-none-any.whl, keras-2.14.0-py3-none-any.whl which are vulnerable to CVE-2025-12058, CVE-2025-12060, CVE-2025-9905, CVE-2025-9906.

Summary IBM Maximo Application Suite - Monitor Component uses keras-3.10.0-py3-none-any.whl, keras-2.14.0-py3-none-any.whl which are vulnerable to CVE-2025-12058, CVE-2025-12060, CVE-2025-9905, CVE-2025-9906. This bulletin contains information regarding the vulnerability and its fixture...

8.9CVSS6.1AI score0.00593EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 5:42 a.m.7 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "tomcat-embed-core-10.1.46.jar, js-yaml-4.1.0.tgz, keras-2.14.0-py3-none-any.whl, logback-core-1.5.18.jar, werkzeug-3.0.6-py3-none-any.whl" which are vulnerable to "CVE-2025-61795, CVE-2025-64718, CVE-2025-12058, CVE-2025-11226, CVE-2025-66221". This...

7CVSS7.6AI score0.01139EPSS
Exploits0Affected Software1
Circl
Circl
added 2025/10/29 10:26 a.m.5 views

CVE-2025-12058

creationtimestamp| type| source ---|---|--- 2025-10-29 10:26:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4dac2nodb2d 2025-11-04 20:06:29+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3m4tdj2lzf72o 2025-11-07 14:42:37+00:00| seen|...

5.9CVSS7.3AI score0.00239EPSS
Exploits0References9
vulnersOsv
vulnersOsv
added 2025/10/29 9:30 a.m.11 views

a2grunnerp (>=0.1.0 <=0.1.8), a62-emotion (>=0.9.2 <=0.11.4) +1265 more potentially affected by CVE-2025-12058 via keras (>=1.2.1 <=3.11.3)

keras PYPI version =1.2.1, =0.1.0, =0.9.2, =1.0.1, =0.1.0, =1.1.2, =0.0.8, =0.0.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2025-12058 Source advisory: OSV:GHSA-MQ84-HJQX-CWF2...

5.9CVSS7.4AI score0.00239EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/10/29 9:15 a.m.2 views

CVE-2025-12058

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS7.4AI score0.00239EPSS
Exploits0References3
Rows per page
Query Builder