8.8

CVSS3.1

CVE-2024-45850 -

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a qu…

📅 Published: Sept. 12, 2024, 1 p.m. 🔄 Last Modified: Sept. 16, 2024, 5:35 p.m.

8.8

CVSS3.1

CVE-2024-45849 -

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list creation. If such a query is …

📅 Published: Sept. 12, 2024, 12:59 p.m. 🔄 Last Modified: Sept. 16, 2024, 5:34 p.m.

8.8

CVSS3.1

CVE-2024-45848 -

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the code …

📅 Published: Sept. 12, 2024, 12:58 p.m. 🔄 Last Modified: Sept. 16, 2024, 5:33 p.m.

8.8

CVSS3.1

CVE-2024-45847 -

An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration e…

📅 Published: Sept. 12, 2024, 12:57 p.m. 🔄 Last Modified: Sept. 16, 2024, 5:31 p.m.

8.8

CVSS3.1

CVE-2024-45846 -

An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT WHERE’ clause containing Python code is run against a database created with the Weaviate engine, th…

📅 Published: Sept. 12, 2024, 12:56 p.m. 🔄 Last Modified: Sept. 16, 2024, 5:30 p.m.

7.8

CVSS3.1

CVE-2024-45857 -

Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the data directory is loaded.

📅 Published: Sept. 12, 2024, 12:53 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

7.8

CVSS3.1

CVE-2024-27321 -

An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a user creates a multilabel classification task using a maliciously crafted CSV file containing Python co…

📅 Published: Sept. 12, 2024, 12:50 p.m. 🔄 Last Modified: Sept. 20, 2024, 5:06 p.m.

7.8

CVSS3.1

CVE-2024-27320 -

An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code wi…

📅 Published: Sept. 12, 2024, 12:49 p.m. 🔄 Last Modified: Sept. 23, 2024, 1:56 p.m.

5.4

CVSS3.1

CVE-2021-22503 - Improper Neutralization of Input During Web Page Generation Vulnerability

Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.

📅 Published: Sept. 12, 2024, 12:44 p.m. 🔄 Last Modified: Sept. 19, 2024, 2:25 p.m.

5.8

CVSS3.1

CVE-2021-22518 - Sensitive Information logging in NetIQ Identity Manager Driver

A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0

📅 Published: Sept. 12, 2024, 12:44 p.m. 🔄 Last Modified: Oct. 2, 2024, 3:10 p.m.
Total resulsts: 349182
Page 8586 of 34,919
« previous page » next page
Filters