7044 matches found
PYSEC-2025-162
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na...
PYSEC-2025-163
A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function fastatorealmove in the library include/assimp/fastatof.h of the component CSM File Handler. The manipulation leads to out-of-bounds read. The attack may be initiated...
PYSEC-2025-161
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to out-of-bounds write. It is...
PYSEC-2025-260
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The attack may be initiated...
PYSEC-2025-160
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
PYSEC-2025-228
A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can ...
PYSEC-2025-17
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...
PYSEC-2025-98
A Server-Side Request Forgery SSRF vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access th...
PYSEC-2025-99
A Denial of Service DoS vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...
PYSEC-2025-57
A Denial of Service DoS vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundar...
PYSEC-2025-95
A stored cross-site scripting XSS vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, affecting version git 20b2e02. The vulnerability arises from improper sanitization of HTML tags in chat history uploads. Specifically, the sanitization logic fails to handle HTML tags within code...
PYSEC-2025-97
An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat history. The vulnerability arises because the username is provided via an HTTP request from the client side, rather than being read from a secu...
PYSEC-2025-96
An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a complete loss of availability. The issue arises because the function responsible for restarting the server is not proper...
PYSEC-2025-222
vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer RPC server entrypoints. The core functionality runserverloop calls the function makehandlercoro, which directly uses cloudpickle.loads on received messages without any sanitization. This can result in remote code...
PYSEC-2025-239
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due to improper handling of session data and lack of access control mechanisms, enabling attackers to view and manipulate chat histories of...
PYSEC-2025-80
A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...
PYSEC-2025-83
A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...
PYSEC-2025-81
A Cross-Origin Resource Sharing CORS vulnerability exists in modelscope/agentscope version v0.0.4. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can lead to unauthorized dat...
PYSEC-2025-82
An arbitrary file download vulnerability exists in the rpcagentclient component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpcagent's host by exploiting the downloadfile method. This can lead to unauthorized access to sensitive...
PYSEC-2025-144
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for blockcount in the Modelfile. This can lead to a denial of service DoS condition when the server processes the model, causing it to crash...
PYSEC-2025-10
A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...
PYSEC-2025-11
A vulnerability in the KnowledgeBaseWebReader class of the run-llama/llamaindex repository, version latest, allows an attacker to cause a Denial of Service DoS by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the getarticleurls method, exhausting...
PYSEC-2025-244
A vulnerability in the LangChainLLM class of the run-llama/llamaindex repository, version v0.12.5, allows for a Denial of Service DoS attack. The streamcomplete method executes the llm using a thread and retrieves the result via the getresponsegen method of the StreamingGeneratorCallbackHandler...
PYSEC-2025-9
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious cod...
PYSEC-2025-94
A Regular Expression Denial of Service ReDoS vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The server uses the regex pattern r'+' to parse user input. In Python's default regex engine, this pattern can take polynomial time to match certain crafted inputs. An attacker c...
PYSEC-2025-93
gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue CVE-2024-4941. This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a speciall...
PYSEC-2025-92
An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...
PYSEC-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...
PYSEC-2025-223
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. The outlines library is one of the backends used by vLLM to support structured output a.k.a. guided decoding. Outlines provides an optional cache for its compiled grammars on the local filesystem. This cache has...
After the owner removed the project from PyPI, another user uploaded a new version with non-working code
The pygments-style-solarized project was removed from PyPI by its owner on 2021-08-26.The GitHub repository was also updated to show unmaintained, and archived on 2025-08-31.Another user uploaded a new version, 100.10.7, which contains non-working code,with clear language that it intends to be a...
PYSEC-2025-227
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to...
PYSEC-2025-122
The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...
PYSEC-2025-159
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The...
PYSEC-2025-22
A vulnerability, that could result in Remote Code Execution RCE, has been found in PlotAI. Lack of validation of LLM-generated output allows attacker to execute arbitrary Python code.Vendor commented out vulnerable line, further usage of the software requires uncommenting it and thus accepting th...
PYSEC-2025-190
A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...
PYSEC-2025-158
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...
PYSEC-2025-21
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...
PYSEC-2025-189
A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler.callendcallbacksonjitfut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launch...
PYSEC-2025-20
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...
PYSEC-2025-13
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...
PYSEC-2025-23
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. If the redis password is passed as an argument, it will be logged and could potentially leak the password. This is only...
PYSEC-2025-19
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not...
PYSEC-2025-24
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
PYSEC-2025-25
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allowcredentia...
PYSEC-2025-15
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3...
PYSEC-2025-66
Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was know. This issue affects Apache StreamPipes: through 0.95.1.Users are recommended to upgrade to version 0.97.0 which fixes the issue...
Posts scraped data to IP address associated with other malware distribution attacks.
Published in 2021, the imblog package is a Python librarythat scrapes data from a blog page to an IP address associated with other malware distribution attacks...
Exfiltrates cookies to hardcoded IP address
Published in 2021, the colabrun package is a Python librarythat exfiltrates user cookies to a hardcoded IP address.The package was found to exfiltrate user data to a hardcoded server,which could be used for malicious purposes...
Exfiltrates user cookies to hardcoded server endpoint during normal operations
Published in 2020, the autodzee package is a Python librarythat bypasses Deezer API restrictions to download music.The package was found to exfiltrate user data to a hardcoded server,which could be used for malicious purposes...
When using the project to bypass Deezer API restrictions, project exfiltrates user data to a hardcoded server.
Published in 2019, the autodzee package is a Python librarythat bypasses Deezer API restrictions to download music.The package was found to exfiltrate user data to a hardcoded server,which could be used for malicious purposes...