23146 matches found
Exploit for Server-Side Request Forgery in Lnbits
CVE-2025-32013 Security Advisory and PoC for CVE-2025-32013...
CVE-2024-52981
An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.
...
SUSE CVE-2025-3360
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...
Adobe Photoshop 安全漏洞
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A heap buffer overflow vulnerability exists in Adobe Photoshop Desktops. The vulnerability is due to a failure to perform strict checksums on memory...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A securit...
DEBIAN-CVE-2025-29769
libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...
Khan Academy: Unauthorized Account Access via Leaked Credentials in URL Format (Account Takeover )
The vulnerability allowed attackers to access user accounts on khanAcademy.com using leaked credentials that were publicly available. The credentials were found in clear text format on a third-party website. By entering the email and password, the attacker could perform an account takeover withou...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
CVE-2025-3189
Stored Cross-Site Scripting XSS in DoWISP in versions prior to 1.16.2.50, which consists of an stored XSS through the upload of a profile picture in SVG format with malicious Javascript code in it...
[SECURITY] Fedora 41 Update: ghostscript-10.03.1-5.fc41
This package provides useful conversion utilities based on Ghostscript softwa re, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript PS and Portable Document Format PDF page description...
CVE-2025-31480 aiven-extras allows PostgreSQL Privilege Escalation through format function
aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and...
CVE-2025-3189
Stored Cross-Site Scripting XSS in DoWISP in versions prior to 1.16.2.50, which consists of an stored XSS through the upload of a profile picture in SVG format with malicious Javascript code in it...
CVE-2025-3189
CVE-2025-3189 affects DoWISP before 1.16.2.50. A stored XSS flaw arises when a malicious SVG profile picture is uploaded, allowing code execution within DoWISP view contexts. Connected sources consistently report the same vulnerability and version boundary. The CVSS 4.0 vector indicates network a...
aiven-extras 代码问题漏洞
aiven-extras is an aiven open source tool that enables non-super users to access certain database functions. A code issue vulnerability exists in aiven-extras versions prior to 1.1.15, which stems from a format function that does not use a schema prefix, and could lead to elevated privileges...
OESA-2025-1362 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...