Black-Oracle

🖤 BLACK ORACLE 🖤 «The Eye That Sees Through Digital...

CVE-2026-41309

OSSN versions before 9.0 are vulnerable to resource exhaustion via image processing. An attacker can upload an extremely large image (e.g., 10000×10000), causing the server to allocate substantial memory and CPU during decompression and resizing, leading to DoS. The advisories recommend upgrading...

CVE-2026-41309 Open Source Social Network (OSSN) Vulnerable to Resource Exhaustion via Malicious Image Processing

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

EUVD-2026-25384

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

Kirby 安全漏洞

Kirby is a set of open-source content management systems based on files. Versions prior to Kirby 4.9.0 and 5.4.0 have security vulnerabilities. These vulnerabilities stem from the ability to inject dynamic blueprint configurations during the creation of pages, files, and users, which may lead to...

Open Source Social Network（OSSN） 资源管理错误漏洞

Open Source Social Network OSSN is a social network engine developed by the OSSN team in Switzerland. Prior to version 9.0 of Open Source Social Network OSSN, there was a resource management vulnerability. This vulnerability stemmed from resource exhaustion, which could allow attackers to upload...

CodeChecker 安全漏洞

CodeChecker is an open-source analysis tool developed by Ericsson, which includes Clang Static Analyzer and Clang Tidy. It also provides a database of defects and extensions for viewers. Versions of CodeChecker prior to 6.27.3 contained security vulnerabilities. These vulnerabilities stemmed from...

PJSIP 输入验证错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained a vulnerability related to input validation errors. This...

PT-2026-35059

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description An integer overflow occurs in the media stream buffer size calculation when processing Session Description Protocol SDP with asymmetric ptime configuration. This overflow can lead to an undersized buffe...

PT-2026-34840

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 times 10000$ pixels. While the compressed file size ...

Flowise Information Disclosure Vulnerability

Flowise is a FlowiseAI open source tool for easily building LLM applications. Flowise suffers from an information disclosure vulnerability caused by a flaw in the /api/v1/public-chatflows/:id endpoint that can be exploited by an attacker to obtain sensitive information...

ADuCM302x (=0.1.0), Icarus-nrf9160-bsp (=0.0.0) +1583 more potentially affected by unknown CVE via bare-metal (>=0.1.3 <=1.0.0)

bare-metal CARGO version =0.1.3, =0.1.0, =0.1.0, =0.1.2 - PY32L020xx-pac =0.1.0 - PY32T020xx-pac =0.1.0 - PY32c610xx-pac =0.1.0 - PY32c611xx-pac =0.1.0 - PY32c640xx-pac =0.1.0 - PY32c641xx-pac =0.1.0 - PY32c670xx-pac =0.1.0 - PY32f001xx-pac =0.1.0 - PY32f002axx-pac =0.1.0 - PY32f002bxx-pac =0.1.0...

CVE-2026-41233

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

CVE-2026-41196

A flaw was found in Luanti formerly Minetest, an open-source game platform. A malicious mod, when executed within the LuaJIT environment, can bypass security restrictions designed to isolate it. This allows the mod to execute unauthorized code and gain full access to the user's device, potentiall...

UBUNTU-CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

[SECURITY] Fedora 43 Update: pgadmin4-9.14-3.fc43

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

[SECURITY] Fedora 42 Update: chromium-147.0.7727.101-1.fc42

Chromium is an open-source web browser, powered by WebKit Blink...

[SECURITY] Fedora 42 Update: pgadmin4-9.14-3.fc42

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

GROWI 安全漏洞

GROWI is an enterprise-level open-source knowledge base/Wiki system built using Node.js and React by GROWI Inc. GROWI has a security vulnerability that stems from a susceptibility to regular expression denial-of-service attacks...

JIZHICMS 安全漏洞

JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.4 of JIZHICMS contains a security vulnerability, which stems from the product’s editing module being vulnerable to SQL injection attacks...