curl: Denial of Service (DoS) vulnerability in dedotdotify() URL path normalization

Summary A Denial of Service DoS vulnerability exists in the dedotdotify function in lib/urlapi.c that can cause excessive CPU consumption due to On² time complexity when processing URLs with malicious path patterns containing many ../ sequences. Affected Component - Component: libcurl URL API -...

Path Traversal

Grav is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of the username path during user creation, where Grav writes the account YAML file to an unintended location outside user/accounts/ when a username contains path traversal sequences, allowing attackers to...

Directory Traversal

org.craftercms, crafter-studio is vulnerable to Directory Traversal. The vulnerability is due to improper validation of file path inputs, which allows an unauthenticated attacker to overwrite arbitrary files on the operating system via crafted path traversal sequences, potentially leading to Remo...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: aide (UTSA-2025-991233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991233 advisory. AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via insufficient validation of the fileName field in the transfer logic. An attacker can access arbitrary files accessible to the service process by invoking the GetFile method when a shard is in the "Pause file...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via insufficient validation of the fileName field in the transfer logic. An attacker can access arbitrary files accessible to the service process by invoking the GetFile method when a shard is in the "Pause file...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via insufficient validation of the fileName field in the transfer logic. An attacker can access arbitrary files accessible to the service process by invoking the GetFile method when a shard is in the "Pause file...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Backup ZipSlip. An attacker can create or overwrite files in arbitrary locations within the application's privilege scope by inserting data entries with absolute paths or parent directory traversal sequences...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Backup ZipSlip. An attacker can create or overwrite files in arbitrary locations within the application's privilege scope by inserting data entries with absolute paths or parent directory traversal sequences...

Persistent Backdoor Attacks under Continual Fine-Tuning of LLMs

Backdoor attacks embed malicious behaviors into Large Language Models LLMs, enabling adversaries to trigger harmful outputs or bypass safety controls. However, the persistence of the implanted backdoors under user-driven post-deployment continual fine-tuning has been rarely examined. Most prior...

Arbitrary Code Injection

Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Arbitrary Code Injection via the hasmetacommands function. An attacker can execute arbitrary commands on the system by crafting a SQL file that begins with a UTF-8 Byte Order Mark or special byte sequences...

GHSA-FXMW-JCGR-W44V pgadmin4 has a Meta-Command Filter Command Execution

The PLAIN restore meta-command filter introduced in pgAdmin as part of the fix for CVE-2025-12762 does not detect meta-commands when a SQL file begins with a UTF-8 Byte Order Mark EF BB BF or other special byte sequences. The implemented filter uses the function hasmetacommands, which scans raw...

pgadmin4 has a Meta-Command Filter Command Execution

The PLAIN restore meta-command filter introduced in pgAdmin as part of the fix for CVE-2025-12762 does not detect meta-commands when a SQL file begins with a UTF-8 Byte Order Mark EF BB BF or other special byte sequences. The implemented filter uses the function hasmetacommands, which scans raw...

libsoup: Heap Use-After-Free in libsoup message queue handling during HTTP/2 read completion

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities were addressed in IBM Business Automation Manager Open Editions 9.3.1. Vulnerability Details CVEID:CVE-2025-61748 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

CVE-2025-65287

An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base path /var/www/files/userScript/ using memcpy + strcat without validation or...

Directory Traversal

Overview pyrofork is a Fork of pyrogram. Elegant, modern and asynchronous Telegram MTProto API framework in Python for users and bots Affected versions of this package are vulnerable to Directory Traversal via the progress' function in the downloadmedia.py file. An attacker can overwrite or creat...

CVE-2025-67506

PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert through missing authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice by uploading payload...

PT-2025-50670

Name of the Vulnerable Software and Affected Versions pgAdmin versions up to 9.10 Description pgAdmin versions up to 9.10 are susceptible to a Remote Code Execution RCE issue when running in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute...

Qnap QTS and QuTS hero Improper Neutralization of CRLF Sequences (CVE-2024-48868)

An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data. We have already fixed the vulnerability in the following version...