35936 matches found
Allocation of Resources Without Limits or Throttling
Overview github.com/elastic/fleet-server/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting...
Allocation of Resources Without Limits or Throttling
Overview github.com/elastic/fleet-server/v7/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitti...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting specially crafted requests, potentially causing the service to become unavailable. Remediation Upgrade...
Uncontrolled Recursion
Overview org.elasticsearch:elasticsearch is a Distributed, RESTful Search Engine. Affected versions of this package are vulnerable to Uncontrolled Recursion in the query processing. An authenticated attacker can submit a specially crafted query that causes excessive resource consumption during...
Deserialization of Untrusted Data
Overview ray is an A system for parallel and distributed Python that unifies the ML ecosystem. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the readwebdataset function. An attacker can execute arbitrary code on remote workers by supplying a specially...
Allocation of Resources Without Limits or Throttling
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Fleet policy input. An attacker can cause the Fleet agent, server, an...
Server-side Request Forgery (SSRF)
Overview auth-fetch-mcp is a MCP server that lets AI read Notion, Google Docs, Jira & any login-protected page via a real browser Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the isPrivateV6 function, which fails to properly detect IPv4-mapped IPv6...
Server-side Request Forgery (SSRF)
Overview @jshookmcp/jshook is a MCP server with built-in tools across multiple domains for AI-assisted JavaScript analysis and security analysis — browser automation, CDP debugging, network monitoring, JS hooks, code analysis, and workflow orchestration Affected versions of this package are...
Missing Authorization
Overview org.geonetwork-opensource:gn-services is a GeoNetwork Services. Affected versions of this package are vulnerable to Missing Authorization due to the omission of the query field in the request body, which causes the access-control filter-injection process to be skipped. An attacker can...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with dat...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with data...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with data...
Server-side Request Forgery (SSRF)
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the request process. An attacker can access internal resources and potentially disclose sensitive...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the process responsible for dynamically managing code resources. An attacker can execute arbitrary code,...
Improper Handling of Highly Compressed Data (Data Amplification)
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the improper handling of highly compressed data. An...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with dat...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with dat...
Use After Free
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Use After Free via the process handling memory management. An attacker can cause the application to crash or become...
Arbitrary Code Injection
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Arbitrary Code Injection in the code generation process. An attacker can execute arbitrary code, escalate privileges, tamper with data, and...
Arbitrary Code Injection
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Arbitrary Code Injection via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with data, and...
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' in the process responsible for dynamically managing code...
Deserialization of Untrusted Data
Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via improper validation of allowed inputs. An attacker can execute arbitrary code, escalate privileges, tampe...
Improper Input Validation
Overview pretix is a Reinventing presales, one ticket at a time Affected versions of this package are vulnerable to Improper Input Validation via improper validation of session parameters in the payment integration plugins and the use of shared cryptographic keys and salts across unrelated...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through a race condition in the process. An attacker can execute arbitrary code, escalate privileges, and tamper with data by exploiting the timing window between security checks and use o...
Relative Path Traversal
Overview clearml is a ClearML - Auto-Magical Experiment Manager, Version Control, and MLOps for AI Affected versions of this package are vulnerable to Relative Path Traversal via the StorageManager.extracttocache process. An attacker can write arbitrary files to the filesystem by uploading a...
Uncaught Exception
Overview @fastify/middie is a Middleware engine for Fastify Affected versions of this package are vulnerable to Uncaught Exception in the URL normalization process when handling malformed percent-encoded sequences in incoming request paths. An attacker can cause the Node.js process to terminate...
Interpretation Conflict
Overview @fastify/middie is a Middleware engine for Fastify Affected versions of this package are vulnerable to Interpretation Conflict via the path parameter handling process. An attacker can gain unauthorized access to protected route handlers by sending a crafted URL containing an encoded slas...
Authorization Bypass Through User-Controlled Key
Amendment This was deemed not a vulnerability. Overview foreman is a complete lifecycle management tool for physical and virtual servers. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via improper validation of nested request parameters in th...
Incorrect Privilege Assignment
Amendment This was deemed not a vulnerability. Overview foreman is a complete lifecycle management tool for physical and virtual servers. Affected versions of this package are vulnerable to Incorrect Privilege Assignment via manipulation of the Usergroup process. An attacker can gain...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the process that handles user requests without proper validation of request origin. An attacker can perform unauthorized actions on behalf of authenticated users by tricking them into submitting...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of user-supplied input in the map format. An attacker can execute arbitrary JavaScript code in the context of users viewing affected pages by injecting malicious payloads. Details Cross-sit...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the SceneCombiner::Copy function when processing a specially crafted model file. An attacker can cause the application to crash or access sensitive information by supplying a malicious file and convincing a user o...
Incomplete List of Disallowed Inputs
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the reduce method during deserialization. An attacker can execute arbitrary operating system commands ...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the cProfile.run function during pickle deserialization. An attacker can execute arbitrary code by...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the torch.utils.collectenv.run function in reduce methods. An attacker can execute arbitrary remote...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the trace.Trace.run process. An attacker can execute arbitrary code by crafting a malicious pickle file th...
Protection Mechanism Failure
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Protection Mechanism Failure via the trace.Trace.runctx function. An attacker can execute arbitrary code by crafting a malicious pickle file th...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the doctest.debugscript function. An attacker can execute arbitrary commands by crafting malicious pickle...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the run function in the profile.Profile class when used in pickle reduce methods. An attacker can execute...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the code.InteractiveInterpreter process in reduce methods. An attacker can execute arbitrary code by...
Uncontrolled Search Path Element
Overview app-builder-bin is an app-builder precompiled binaries Affected versions of this package are vulnerable to Uncontrolled Search Path Element through the execWine/executeAppBuilder command path in builder-util and app-builder-lib on non-Windows systems. An attacker can execute...
Uncontrolled Search Path Element
Overview app-builder-lib is an electron-builder lib Affected versions of this package are vulnerable to Uncontrolled Search Path Element through the execWine/executeAppBuilder command path in builder-util and app-builder-lib on non-Windows systems. An attacker can execute attacker-controlled...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the HttpExecutor.prepareRedirectUrlOptions process. An attacker can obtain sensitive credentials, such as GitLab's PRIVATE-TOKEN or mixed-case Authorization headers, by leveraging a...
Heap-based Buffer Overflow
Overview json is a JSON implementation as a Ruby extension in C. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the JSON.dump or JSON::Stategenerate process when streaming oversized attacker-controlled strings to an IO object. An attacker can cause a process...
Cross-site Scripting (XSS)
Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ChatTrigger template rendering in ChatTrigger/templates.ts. An authenticated user who can create or edit workflows can inject malicious JavaScript by supplying crafted Custo...
Directory Traversal
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Directory Traversal
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Directory Traversal
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Directory Traversal
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Directory Traversal
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...