8 matches found
Nextcloud Tables SQL注入漏洞
NextCloud Tables is an open-source table-based application developed by NextCloud. Versions of NextCloud Tables from 0.7.0 to 0.7.7, 0.8.0 to 0.8.10, 0.9.0 to 0.9.8, and 1.0.0 to 1.0.4 have SQL injection vulnerabilities. These vulnerabilities stem from stored injection attacks, allowing...
PT-2026-47556
Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...
CVE-2026-34669 CAI Content Credentials | Improper Input Validation (CWE-20)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service...
CVE-2026-34665 CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application...
CVE-2026-34679
Summary: CVE-2026-34679 affects CAI Content Credentials versions 0.78.2, 0.7.0 and earlier. Vulnerability: Improper Input Validation (CWE-20). Impact: Denial of service — an attacker could crash the application, leading to DoS. Exploitation does not require user interaction. Technical details pre...
PT-2026-40407
Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2, 0.7.0 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition. This issue can be exploited without requiring user...
CLEANSTART-2026-PV98664 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.6.4-r5, 0.6.4-r6, 0.7.0-r4
Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2025-60540
karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery SSRF...