47 matches found
Astra Linux – Vulnerability in Thunderbird
If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...
PT-2026-49264
LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small...
CVE-2026-1663
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with group import permissions to create labels in private projects due to improper authorization validation in th...
CVE-2025-65519
mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...
EUVD-2019-0633
Malware in sbrugna...
EUVD-2000-0408
Malware in sbrugna...
EUVD-2019-6328
Malware in sbrugna...
EUVD-2001-0072
Malware in sbrugna...
EUVD-2018-13303
Malware in sbrugna...
EUVD-2022-4709
Malicious code in bioql PyPI...
EUVD-2022-15338
Malicious code in bioql PyPI...
EUVD-2024-54837
Malicious code in bioql PyPI...
EUVD-2022-15364
Malicious code in bioql PyPI...
EUVD-2025-10805
Malicious code in bioql PyPI...
EUVD-2025-9002
Malicious code in bioql PyPI...
EUVD-2022-24537
Malicious code in bioql PyPI...
CVE-2024-45515
An issue was discovered in Zimbra Collaboration ZCS through 10.1. A Cross-Site Scripting XSS vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with...
CVE-2024-45515
An issue was discovered in Zimbra Collaboration ZCS through 10.1. A Cross-Site Scripting XSS vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with...
CVE-2024-45515
An issue was discovered in Zimbra Collaboration ZCS through 10.1. A Cross-Site Scripting XSS vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with...
CVE-2025-6772 eosphoros-ai db-gpt import import_flow path traversal
A vulnerability was found in eosphoros-ai db-gpt up to 0.7.2. It has been classified as critical. Affected is the function importflow of the file /api/v2/serve/awel/flow/import. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploi...