23 matches found
CVE-2026-21853
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
CVE-2026-21853
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
CVE-2026-21853 AFFiNE: One-click Remote Code Execution through Custom URL Handling
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
EUVD-2026-9252
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
CVE-2026-21853 AFFiNE: One-click Remote Code Execution through Custom URL Handling
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
CVE-2026-21853
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
CVE-2026-21853 AFFiNE: One-click Remote Code Execution through Custom URL Handling
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in tw...
AFFiNE.Pro 代码注入漏洞
AFFiNE.Pro is an open-source next-generation knowledge base developed by Toeverything. Versions of AFFiNE.Pro prior to 0.25.4 contained a code injection vulnerability. This vulnerability occurred due to specially crafted affine: URLs, which could lead to remote code execution with just one click...
PT-2026-22689
Name of the Vulnerable Software and Affected Versions AFFiNE versions prior to 0.25.4 Description AFFiNE is an open-source workspace and operating system. Versions prior to 0.25.4 contain a one-click remote code execution issue. An attacker can exploit this by embedding a specially crafted affine...
DEBIAN-CVE-2022-37706
enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...
PT-2022-4899 · Unknown · Enlightenment
Name of the Vulnerable Software and Affected Versions: Enlightenment versions prior to 0.25.4 Description: The issue is related to the Enlightenment window manager's system file, specifically with the enlightenment sys component. It is setuid root and mishandles pathnames that begin with a /dev/...
GHSA-92CX-4XM7-JR9M Use After Free in rusqlite
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createscalarfunction has a use-after-free...
GHSA-G87R-23VW-7F87 Use After Free in rusqlite
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. updatehook has a use-after-free...
Design/Logic Flaw
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createcollation has a use-after-free...
Design/Logic Flaw
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createscalarfunction has a use-after-free...
Design/Logic Flaw
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createwindowfunction has a use-after-free...
Design/Logic Flaw
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createaggregatefunction has a use-after-free...
CVE-2021-45715
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createwindowfunction has a use-after-free...
Rust rusqlite crate 资源管理错误漏洞
Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...
Rust rusqlite crate 资源管理错误漏洞
Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...