PT-2025-39289

Name of the Vulnerable Software and Affected Versions Mangati NovoSGA versions through 2.2.9 Description A security flaw exists in Mangati NovoSGA. The issue is related to cross site scripting within the SVG File Handler component, specifically affecting the file /admin. Manipulation of the...

CVE-2025-10767

A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remoteupload/remotedownload of the file main.py of the component Configuration File Handler. The manipulation of the argument configuration"PASSWORD" results in os command injection. The...

CVE-2025-10767 CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection

A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remoteupload/remotedownload of the file main.py of the component Configuration File Handler. The manipulation of the argument configuration"PASSWORD" results in os command injection. The...

PT-2025-38667

Name of the Vulnerable Software and Affected Versions CosmodiumCS OnlyRAT versions prior to 3.3 Description A vulnerability exists in CosmodiumCS OnlyRAT. The connect/remote upload/remote download function within the main.py file of the Configuration File Handler component is affected. Manipulati...

CVE-2025-10253

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

OESA-2025-2252 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability has been found in Op...

CVE-2025-10253 openDCIM SVG File uploadifive.php cross site scripting

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

Advisory ROSA-SA-2025-2990

software: assimp 5.0.1 OS: ROSA-CHROME unaffected versions = assimp-5.0.1.1-7 affected versions assimp-5.0.1.1-7 CVE-ID: CVE-2025-3548 BDU-ID: 2025-07019 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the File Handler component of the cross-platform 3D model import library Assimp Open Asset Impor...

CVE-2025-10236

A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...

CVE-2025-10236

A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...

CVE-2025-10236 binary-husky gpt_academic LaTeX File latex_toolbox.py merge_tex_files_ path traversal

A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...

CVE-2025-10236

CVE-2025-10236 affects binary-husky gpt_academic up to version 3.91. The vulnerability resides in the LaTeX File Handler’s merge_tex_files_ function inside crazy_functions/latex_fns/latex_toolbox.py, where untrusted input passed to the \

CVE-2025-10236 binary-husky gpt_academic LaTeX File latex_toolbox.py merge_tex_files_ path traversal

A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...

PT-2025-37110

Name of the Vulnerable Software and Affected Versions: binary-husky gpt academic versions up to 3.91 Description: A path traversal issue exists in the LaTeX File Handler component of binary-husky gpt academic. The merge tex files function within the crazy functions/latex fns/latex toolbox.py file...

OESA-2025-2179 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability has been found in Op...

OESA-2025-2178 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability has been found in Op...

Linux Distros Unpatched Vulnerability : CVE-2025-8837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File...

Security update for jbigkit

This update for jbigkit fixes the following issues: CVE-2022-1210: Malicious file leads to a denial of service in TIFF File Handler bsc1198146. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

Linux Distros Unpatched Vulnerability : CVE-2020-36565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the...

Linux Distros Unpatched Vulnerability : CVE-2022-1210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious fi...