12 matches found
PT-2026-42045
Summary: dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...
EUVD-2019-8578
Malware in sbrugna...
EUVD-2025-28743
Malicious code in bioql PyPI...
CVE-2025-6507
A vulnerability in the h2oai/h2o-3 repository allows attackers to exploit deserialization of untrusted data, potentially leading to arbitrary code execution and reading of system files. This issue affects the latest master branch version 3.47.0.99999. The vulnerability arises from the ability to...
PT-2023-22305 · Unknown · Djangoblog
Name of the Vulnerable Software and Affected Versions: djangoblog versions prior to master. Description: The issue is related to Cross-site Scripting (XSS) - Stored, which occurs in the GitHub repository liangliangyy/djangoblog. Recommendations: For versions prior to master, update to the master...
Cross Site Scripting in Open Web Analytics on most statistics related pages
Description: The makeJson method within the owa_template class generates a JSON string in an unsafe manner. This method is used within the report.tpl file, where it receives parameters from the URL and generates a JSON string from them without properly sanitizing them. Proof of Concept: The...
PT-2023-16145 · Unknown · Webcalendar
Name of the Vulnerable Software and Affected Versions: webcalendar versions prior to master. Description: The issue is related to Cross-site Scripting (XSS) - Stored, which affects the GitHub repository craigk5n/webcalendar. Recommendations: For versions prior to master, update to the master version...
ok-file-formats Security Vulnerability
ok-file-formats is an open source decoder for PNG, JPEG, WAV and some other file formats. A security vulnerability exists in ok-file-formats master version 2021-9-12, which stems from a buffer overflow issue in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB...
Windows Master Denial of Service Vulnerability (CNVD-2018-07015)
Windows Master (aka Windows Optimization Master) is a set of Windows optimization tools. The tool features system detection, system optimization, system cleanup and system maintenance. A security vulnerability exists in the WoptiHWDetect.SYS driver file in Windows Master version 7.99.13.604, which...
OpenJPEG - mqc.c Heap-Based Buffer Overflow Exploit
Exploit for Linux platform in category dos / poc. DESCRIPTION: An Out-of-Bounds Write issue can occur in function opj_mqc_byteout of mqc.c while executing opj_compress. This issue was caused by a malformed BMP file. CREDIT: This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB...
OpenJPEG - mqc.c Heap Buffer Overflow
OpenJPEG - mqc.c Heap Buffer Overflow. DESCRIPTION: An Out-of-Bounds Write issue can occur in function opj_mqc_byteout of mqc.c while executing opj_compress. This issue was caused by a malformed BMP file. CREDIT: This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. TESTED VERSION...
Cisco Unity Connection Version
Cisco Unity Connection was found. TRUSTED...