Export limit exceeded: 353031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (353031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67887 | 1 1c-bitrix | 1 1c-bitrix | 2026-05-17 | 9.8 Critical |
| 1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged users who can upload new translated pages to the website. | ||||
| CVE-2026-31222 | 2 Snorkel, Snorkel-team | 2 Snorkel, Snorkel | 2026-05-17 | 8.8 High |
| The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the Trainer.load() method of the Trainer class. The method loads model checkpoint files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the Pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method. | ||||
| CVE-2026-31223 | 2 Snorkel, Snorkel-team | 2 Snorkel, Snorkel | 2026-05-17 | 8.8 High |
| The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability (CWE-502) in the BaseLabeler.load() method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load() function on user-supplied file paths without any validation or security controls. Python's pickle module is inherently dangerous for deserializing untrusted data, as it can execute arbitrary code during the deserialization process. A remote attacker can exploit this by providing a maliciously crafted pickle file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method. | ||||
| CVE-2026-31224 | 2 Snorkel, Snorkel-team | 2 Snorkel, Snorkel | 2026-05-17 | 8.8 High |
| The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the MultitaskClassifier.load() method of the MultitaskClassifier class. The method loads model weight files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the Pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method. | ||||
| CVE-2023-27753 | 1 Mk-auth | 1 Mk-auth | 2026-05-17 | 8 High |
| An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file. | ||||
| CVE-2023-30059 | 1 Mk-auth | 1 Mk-auth | 2026-05-17 | 5.4 Medium |
| An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request. | ||||
| CVE-2026-31214 | 1 Stas00 | 1 Ml-engineering | 2026-05-17 | 9.8 Critical |
| The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script. | ||||
| CVE-2026-31218 | 1 Nebuly-ai | 1 Optimate | 2026-05-17 | 8.8 High |
| The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) is vulnerable to insecure deserialization (CWE-502). When loading a model state dictionary from a state_dict.pt file via torch.load(), the function does not enable the weights_only=True security parameter. This allows the deserialization of arbitrary Python objects through the Pickle module. A remote attacker can exploit this by providing a maliciously crafted state_dict.pt file within a directory specified via the --model argument, leading to arbitrary code execution during the deserialization process on the victim's system. | ||||
| CVE-2026-31219 | 1 Nebuly-ai | 1 Optimate | 2026-05-17 | 8.8 High |
| The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) is vulnerable to insecure deserialization (CWE-502). When a user provides a single model file path (e.g., .pt or .pth) via the --model command-line argument, the function loads the file using torch.load() without enabling the weights_only=True security parameter. This allows the deserialization of arbitrary Python objects through the Pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution during deserialization on the victim's system. | ||||
| CVE-2026-3604 | 2 Kcseopro, Wordpress | 2 Wp Seo Structured Data Schema, Wordpress | 2026-05-17 | 4.9 Medium |
| The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `_kcseo_ative_tab` parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-37428 | 1 Qiliping | 1 Qihang-wms | 2026-05-17 | 6.5 Medium |
| qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysDeptMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII). | ||||
| CVE-2026-37429 | 1 Qiliping | 1 Qihang-wms | 2026-05-17 | 6.5 Medium |
| qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII) via a crafted SQL statement. | ||||
| CVE-2026-37430 | 1 Qiliping | 1 Qihang-wms | 2026-05-17 | 7.3 High |
| An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-51394 | 1 Ardupilot | 1 Ardupilot | 2026-05-17 | 5.5 Medium |
| Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp components. | ||||
| CVE-2024-55045 | 1 Firmament-autopilot | 1 Fmt-firmware | 2026-05-17 | 7.3 High |
| Firmament-Autopilot FMT-Firmware commit de5aec was discovered to contain a buffer overflow via the task_mavobc_entry function at /comm/task_comm.c. | ||||
| CVE-2025-29338 | 1 Nxp | 1 Wi-fi Driver | 2026-05-17 | 5.6 Medium |
| NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function. | ||||
| CVE-2024-51395 | 1 Ardupilot | 1 Ardupilot | 2026-05-17 | 6.2 Medium |
| Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio, AP_SmartAudio.cpp components. | ||||
| CVE-2025-28343 | 1 Striso | 1 Control-firmware | 2026-05-17 | 7.5 High |
| striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons. | ||||
| CVE-2025-28344 | 1 Striso | 1 Control-firmware | 2026-05-17 | 7.5 High |
| striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack. | ||||
| CVE-2026-36742 | 1 Hiseeu | 1 C90 | 2026-05-17 | 6.8 Medium |
| Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode). | ||||