163 matches found
Android 16 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.
This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 16. Android 16 devices with a security patch level of 2025-07-01 or later are protected against these issues Android 16, as released on AOSP, will have...
CVE-2025-48070
Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allows users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site...
CVE-2025-48070 Plane has insecure permissions in UserSerializer
Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allows users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site...
Code-Projects Simple Banking System 安全漏洞
Code-Projects Simple Banking System is a simple banking system from Code-Projects open source. A security vulnerability exists in Code-Projects Simple Banking System version 1.0 and earlier, which originates from a buffer overflow due to a parameter password2 operation in the Sign In component...
Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
Automatically generates beautiful and easy-to-read ER diagrams from your database. Website • Documentation • Roadmap What's Liam ERD? Liam ERD generates beautiful, interactive ER diagrams from your database. Whether you're working on public or private repositories, Liam ERD helps you visualize...
PeerTube 安全漏洞
PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from a lack of permission validation, which could lead to the addition of playlists to other users' channels via th...
Apache Seata Code Issue Vulnerability
Apache Seata is the United States Apache Apache Foundation of a microservices architecture in the United States to provide high-performance and easy to use distributed transaction services in the open source project . Apache Seata suffers from a code issue vulnerability that stems from...
Code-Projects Patient Record Management System 注入漏洞
Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the validation of externally entered SQL statements that is missing from the parameter itrno in the birthingprint.php file. The...
SourceCodester Online Eyewear Shop 安全漏洞
SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL that provides an online shopping and ordering platform for the eyewear business and its potential customers. A security vulnerability exists in SourceCodester Onli...
Apache Seata 安全漏洞
Apache Seata is an open source project from the Apache Foundation that provides high-performance and easy-to-use distributed transaction services in a microservices architecture. A security vulnerability exists in Apache Seata version 2.2.0 and earlier, which stems from improper handling of highl...
编号撤回
PyTorch is a Python package in the PyTorch open source. This CVE number has been withdrawn...
libzvbi 输入验证错误漏洞
libzvbi is a VBI utility in the zapping-vbi open source. An input validation error vulnerability exists in libzvbi version 0.2.43 and earlier, which stems from an integer overflow and could lead to a remote attack...
Code-Projects Blood Bank Management System 注入漏洞
Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. An injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which stems from an incorrect manipulation of the parameter requesterid that can lead to SQL...
E-Commerce-Website-Using-PHP 注入漏洞
E-Commerce-Website-Using-PHP is a free and open source full-featured e-commerce website project. An injection vulnerability exists in E-Commerce-Website-Using-PHP version 1.0, which stems from the fact that incorrect manipulation of the parameter pcat can lead to SQL injection...
Malicious code in calculated_members_message (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5529e99d26fab951551b850892343db8270230c71da1a8091e2bca79559e37f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Android Security Bulletin—March 2025Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2025-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...
CVE-2024-47830
Plane is an open-source project management tool. Plane uses the wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0...
CVE-2024-31461
Plane, an open-source project management tool, has a Server-Side Request Forgery SSRF vulnerability in versions prior to 0.17-dev. This issue may allow an attacker to send arbitrary requests from the server hosting the application, potentially leading to unauthorized access to internal systems. T...
[SECURITY] Fedora 41 Update: abseil-cpp-20240722.1-1.fc41
Abseil is an open-source collection of C++ library code designed to augment the C++ standard library. The Abseil library code is collected from Google's own C++ code base, has been extensively tested and used in production, and is the same code we depend on in our daily coding lives. In some case...
CVE-2025-21616
Plane is an open-source project management tool. A cross-site scripting XSS vulnerability has been identified in Plane versions prior to 0.23. The vulnerability allows authenticated users to upload SVG files containing malicious JavaScript code as profile images, which gets executed in victims'...