`unic` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu - idna - unicode-bidi...

CVE-2025-34515

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in syncproject.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

EUVD-2025-34884

Ash has authorization bypass when bypass policy condition evaluates to true...

OESA-2025-2416 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: A critical vulnerability was found in GNU Binutils version 2.45. This vulnerability is classified as CWE-122...

CVE-2025-48044

Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...

CVE-2025-48044

Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...

CVE-2025-48044 Authorization bypass when bypass policy condition evaluates to true

Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...

CVE-2025-48044 Authorization bypass when bypass policy condition evaluates to true

Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...

CVE-2025-48044

CVE-2025-48044 concerns an authorization bypass in ash-project ash due to a bug in lib/ash/policy/policy.ex (Elixir.Ash.Policy.Policy):expression/2. Affected versions are ash 3.6.3 up to, but not including, 3.7.1 (commit range 79749c... to 8b83efa...). The vulnerability can cause bypass when a by...

EEF-CVE-2025-48044 Authorization bypass when bypass policy condition evaluates to true

Summary Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before...

CVE-2025-34515 Ilevia EVE X1 Server 4.7.18.0.eden Root Privilege Escalation

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in syncproject.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

EUVD-2025-34804

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in syncproject.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

CVE-2025-34515

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in syncproject.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

EUVD-2025-34739

Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability...

Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVE-2025-61581

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVE-2025-61581

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

EUVD-2025-34684

reflex-dev/reflex has an Open Redirect vulnerability...

Project Monitoring System useredit.php File SQL Injection Vulnerability

Project Monitoring System is a project monitoring system. Project Monitoring System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /useredit.php. An attacker can exploit this vulnerabilit...