2349 matches found
CVE-2025-58459
Jenkins global-build-stats Plugin 322.v22f4db18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs...
Linux Distros Unpatched Vulnerability : CVE-2025-27793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0,...
PT-2025-35781
Name of the Vulnerable Software and Affected Versions: Jenkins global-build-stats Plugin versions 322.v22f4db 18e2dd and earlier Description: The Jenkins global-build-stats Plugin does not perform permission checks in its REST API endpoints. Attackers with Overall/Read permission can enumerate...
Evaluating Diverse Feature Extraction Techniques of Multifaceted IoT Malware Analysis: a Survey
As IoT devices continue to proliferate, their reliability is increasingly constrained by security concerns. In response, researchers have developed diverse malware analysis techniques to detect and classify IoT malware. These techniques typically rely on extracting features at different levels fr...
CVE-2025-57611
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the dump method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfiltergraphdump for NULL, leading to a crash...
CVE-2025-57611
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the dump method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfiltergraphdump for NULL, leading to a crash...
CVE-2025-57611
CVE-2025-57611 affects rust-ffmpeg 0.3.0 (post-commit 5ac0527). The issue is a null pointer dereference in the dump() function caused by not checking the return value of avfilter_graph_dump(), which can crash the process if memory allocation fails. The connected sources confirm the vulnerability ...
ffmpeg 安全漏洞
ffmpeg is a rust library by meh.individual developer. A security vulnerability exists in ffmpeg version 0.3.0, which stems from the dump method not checking the avfiltergraphdump return value, which could lead to null pointer dereference and denial of service...
CVE-2025-57611
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the dump method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfiltergraphdump for NULL, leading to a crash...
Malicious code in proto-dependency-graph-api (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ecf5eff888c8c4922c11f9e7129ce050bb6432ec890c9b527f97254b0cf92690 The OpenSSF Package Analysis project identified 'proto-dependency-graph-api' @ 99.99.99 rubygems as malicious. It is considered malicious becaus...
MAL-2025-46919 Malicious code in proto-dependency-graph-api (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ecf5eff888c8c4922c11f9e7129ce050bb6432ec890c9b527f97254b0cf92690 The OpenSSF Package Analysis project identified 'proto-dependency-graph-api' @ 99.99.99 rubygems as malicious. It is considered malicious becaus...
Malicious code in dependency-graph-platform-proto (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8feb4336c26b61a10aec616c9f9f8777fcdd99ab55df96c82ca78bd088530b9 The OpenSSF Package Analysis project identified 'dependency-graph-platform-proto' @ 99.99.99 rubygems as malicious. It is considered malicious...
MAL-2025-46901 Malicious code in dependency-graph-platform-proto (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8feb4336c26b61a10aec616c9f9f8777fcdd99ab55df96c82ca78bd088530b9 The OpenSSF Package Analysis project identified 'dependency-graph-platform-proto' @ 99.99.99 rubygems as malicious. It is considered malicious...
UBUNTU-CVE-2005-10004
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graphview.php script. An authenticated user can inject arbitrary shell commands via the graphstart GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...
CVE-2005-10004
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graphview.php script. An authenticated user can inject arbitrary shell commands via the graphstart GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...
CVE-2005-10004
CVE-2005-10004 affects Cacti versions prior to 0.8.6-d, with a remote command execution vulnerability in graph_view.php. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which are executed on the underlying OS with the web server’s privileges during gra...
CVE-2005-10004
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graphview.php script. An authenticated user can inject arbitrary shell commands via the graphstart GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...
Linux Distros Unpatched Vulnerability : CVE-2024-1066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an...
PT-2025-35362
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 0.8.6-d Description Cacti versions prior to 0.8.6-d contain a remote command execution issue in the graph view.php script. An authenticated user can inject arbitrary shell commands via the graph start GET parameter, whi...
Linux Distros Unpatched Vulnerability : CVE-2022-35230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed onl...