EUVD-2021-28268

Malicious code in bioql PyPI...

CVE-2025-31499

Jellyfin is an open source self hosted media server. Versions before 10.10.7 are vulnerable to argument injection in FFmpeg. This can be leveraged to possibly achieve remote code execution by anyone with credentials to a low-privileged user. This vulnerability was previously reported in...

CVE-2025-32012

Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same...

CVE-2025-31499

Jellyfin CVE-2025-31499 affects versions before 10.10.7. An FFmpeg argument-injection flaw exists in endpoints such as /Videos//stream and /Videos//stream. (and similar in AudioController), allowing unsanitized parameters to reach FFmpeg’s command line. This can enable arbitrary file writes and p...

CVE-2025-31499 Jellyfin Vulnerable to Argument Injection in FFmpeg

Jellyfin is an open source self hosted media server. Versions before 10.10.7 are vulnerable to argument injection in FFmpeg. This can be leveraged to possibly achieve remote code execution by anyone with credentials to a low-privileged user. This vulnerability was previously reported in...

CVE-2025-32012 Jellyfin Vulnerable to Denial of Service (DoS) via IP Spoofing

Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same...

Jellyfin 安全漏洞

Jellyfin is a free software media system from Jellyfin Open Source. It allows you to control the management and streaming of media. It is an alternative to the proprietary Emby and Plex for serving media from dedicated servers to end-user devices through multiple applications. A security...

WordPress plugin Salon booking system 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

MariaDB DoS Vulnerability (CVE-2023-22084) - Windows

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...