CVE-2021-29539

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.ImmutableConsthttps://www.tensorflow.org/apidocs/python/tf/rawops/ImmutableConst with a dtype of tf.resource or tf.variant results in a segfault in the implementation as code assumes that the tensor contents...

CVE-2021-21301

Wire is an open-source collaboration platform. In Wire for iOS iPhone and iPad before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the...

Mattermost has an unspecified vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from a failure to lock out an LDAP user, which can be exploited by an attacker to lock out an external LDAP account through repeated failed...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to view group information via an API request...

Casdoor 安全漏洞

Casdoor is an open source platform from Casdoor Open Source that supports multiple authentication and authorization protocols. A security vulnerability exists in Casdoor version 1.811.0 and prior versions that stems from an authorization bypass that could lead to unauthorized access...

[SECURITY] Fedora 41 Update: pgadmin4-9.2-1.fc41

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

CVE-2025-32790

Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an input validation error vulnerability that stems from insufficient props validation, which can be exploited by an attacker to cause a denial of service attack...

PT-2025-17318 · Dify · Dify

Name of the Vulnerable Software and Affected Versions: Dify versions prior to 0.6.12 Description: A vulnerability was identified in Dify, an open-source LLM app development platform, where normal users can enable or disable apps through the API, despite not being permitted to make such changes...

CVE-2025-27617 Pimcore Vulnerable to SQL Injection in getRelationFilterCondition

Pimcore is an open source data and experience management platform. Prior to version 11.5.4, authenticated users can craft a filter string used to cause a SQL injection. Version 11.5.4 fixes the issue...

Linux Distros Unpatched Vulnerability : CVE-2022-39324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from a failure to properly validate boards when importing Boards...

BIT-DISCOURSE-2025-22602 Stored DOM-based XSS (without CSP) via video placeholders in Discourse

Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users' browsers by posting a malicious video placeholder html element. This issue only affects sites with CSP disabled. This problem has been patched in the latest...

Mattermost Code Issue Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a code issue vulnerability that stems from a failure to properly validate a proto style provided to an action style, which can be exploited by an attacker to crash the front-end...

Mattermost Denial of Service Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that stems from an inability to properly validate post attributes, which can be exploited by an attacker to cause a system crash...

CVE-2024-53994 Potential bypass of chat permissions in Discourse

Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable...

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA version 9.1.3, which stems from vulnerability to cross-site scripting attacks...

Unspecified Vulnerability in Magma (CNVD-2025-15071)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma suffers from a security vulnerability that can be exploited by an attacker to cause a denial of service by repeatedly crashing the M...

Magma null pointer dereference vulnerability (CNVD-2025-02445)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...

Magma Buffer Overflow Vulnerability

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a denial of service DoS via a crafted N...