Total
1324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37062 | 2024-06-04 | N/A | 7.8 HIGH | ||
| Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when loaded. | |||||
| CVE-2024-37056 | 2024-06-04 | N/A | 8.8 HIGH | ||
| Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.23.0 or newer, enabling a maliciously uploaded LightGBM scikit-learn model to run arbitrary code on an end user’s system when interacted with. | |||||
| CVE-2024-37060 | 2024-06-04 | N/A | 8.8 HIGH | ||
| Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.27.0 or newer, enabling a maliciously crafted Recipe to execute arbitrary code on an end user’s system when run. | |||||
| CVE-2024-37064 | 2024-06-04 | N/A | 7.8 HIGH | ||
| Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when loaded. | |||||
| CVE-2024-37058 | 2024-06-04 | N/A | 8.8 HIGH | ||
| Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with. | |||||
| CVE-2024-37065 | 2024-06-04 | N/A | 7.8 HIGH | ||
| Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded. | |||||
| CVE-2024-37057 | 2024-06-04 | N/A | 8.8 HIGH | ||
| Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.0.0rc0 or newer, enabling a maliciously uploaded Tensorflow model to run arbitrary code on an end user’s system when interacted with. | |||||
| CVE-2024-3300 | 2024-05-30 | N/A | 9.0 CRITICAL | ||
| An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution. | |||||
| CVE-2024-3301 | 2024-05-30 | N/A | 8.5 HIGH | ||
| An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to post-authentication remote code execution. | |||||
| CVE-2023-38155 | 1 Microsoft | 1 Azure Devops Server | 2024-05-29 | N/A | 8.1 HIGH |
| Azure DevOps Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36777 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 5.7 MEDIUM |
| Microsoft Exchange Server Information Disclosure Vulnerability | |||||
| CVE-2023-36757 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2023-36756 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36745 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36744 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36736 | 1 Microsoft | 1 Identity Linux Broker | 2024-05-29 | N/A | 4.4 MEDIUM |
| Microsoft Identity Linux Broker Remote Code Execution Vulnerability | |||||
| CVE-2023-35317 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-05-29 | N/A | 7.8 HIGH |
| Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | |||||
| CVE-2023-33160 | 1 Microsoft | 1 Sharepoint Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2023-33134 | 1 Microsoft | 1 Sharepoint Server | 2024-05-29 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2023-21779 | 1 Microsoft | 1 Visual Studio Code | 2024-05-29 | N/A | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||