VYPR
Vendor: Jqhph

Products: 73
CVEs: 59
Across products: 39
Status: Private

Recent CVEs

  • CVE-2024-48206 | Critical | Oct 29, 2024
    risk 0.64 | cvss 9.8 | epss 0.01

    A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of arbitrary code.

  • CVE-2022-34064 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.01

    The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2022-34055 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.02

    The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2022-34054 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.02

    The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2022-34053 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.02

    The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2022-33000 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.02

    The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2022-32997 | Critical | Jun 24, 2022
    risk 0.64 | cvss 9.8 | epss 0.02

    The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

  • CVE-2021-20204 | Critical | May 6, 2021
    risk 0.64 | cvss 9.8 | epss 0.02

    A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This…

  • CVE-2018-20027 | Critical | Dec 17, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    The yaml_parse.load method in Pylearn2 allows code injection.

  • CVE-2018-12557 | Critical | Jun 19, 2018
    risk 0.64 | cvss 9.8 | epss 0.02

    An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offline during the build, the no_log attribute of a task is ignored. If the unreachable error occurred in a task used with a loop variable (e.g., with_items), the contents of the loop items would be printed in the…

  • CVE-2026-10731 | Critical | Jun 9, 2026
    risk 0.60 | cvss | epss 0.00

    SQL injection in the ‘two_steps_auth_code’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication (2FA) functionality can be accessed without prior authentication, allowing unauthenticated…

  • CVE-2026-38360 | Critical | May 8, 2026
    risk 0.58 | cvss 9.8 | epss 0.06

    Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, BaseHttpRequestHandler.get_temp_root(), BaseHttpRequestHandler._post() components.

  • CVE-2016-0727 | High | Apr 14, 2017
    risk 0.54 | cvss 7.8 | epss 0.01

    The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account…

  • CVE-2024-8007 | High | Aug 21, 2024
    risk 0.53 | cvss 8.1 | epss 0.00

    A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could…

  • CVE-2014-5282 | High | Feb 6, 2018
    risk 0.53 | cvss 8.1 | epss 0.01

    Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

  • CVE-2026-39832 | Critical | May 22, 2026
    risk 0.52 | cvss 9.1 | epss 0.00

    When adding a key to a remote agent, constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client…

  • CVE-2022-28696 | High | Aug 18, 2022
    risk 0.51 | cvss 7.8 | epss 0.00

    Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2018-20159 | High | Dec 15, 2018
    risk 0.51 | cvss 7.2 | epss 0.10

    i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file…

  • CVE-2018-6552 | High | May 31, 2018
    risk 0.51 | cvss 7.8 | epss 0.00

    Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The…

  • CVE-2026-50031 | High | Jun 3, 2026
    risk 0.49 | cvss 7.5 | epss 0.00

    ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to…