28712 matches found
1000 Projects Online Student Project Report Code Issue Vulnerability
1000 Projects Online Student Project Report is an open source online student project reporting system from 1000 Projects. A code issue vulnerability exists in 1000 Projects Online Student Project Report Submission and Evaluation System version 1.0, which originates from an incorrect operation of...
1000 Projects Online Student Project Report Code Issue Vulnerability
1000 Projects Online Student Project Report is an open source online student project reporting system from 1000 Projects. A code issue vulnerability exists in version 1.0 of 1000 Projects Online Student Project Report, which stems from an incorrect manipulation of the parameter newimage in the fi...
PT-2025-37729
Name of the Vulnerable Software and Affected Versions: Explorance Blue version 8.1.2. Description: Explorance Blue version 8.1.2 contains multiple Cross Site Scripting (XSS) vulnerabilities in input fields. These vulnerabilities allow attackers to inject arbitrary JavaScript code into a user’s browser...
Exploit for CVE-2016-4655
This is a PoC exploit for iOS 9.3.5, targeting CVE-2016-4655 and CVE-2016-4656. The exploit aims to gain root access over the device by exploiting kernel vulnerabilities. The supported devices are listed in offsetfinder.h. The exploit is based on the original disclosure by Lookout and the OS X...
gosec
This is a Go AST (Abstract Syntax Tree) scanner for identifying security vulnerabilities in Go code. The scanner is called "gosec" and is part of the GolangCI project. It can be installed using the command "go get github.com/golangci/gosec/cmd/gosec/...". The scanner can be configured to run a subs...
JNDIExploit
This is a Java-based exploit tool for JNDI (Java Naming and Directory Interface) injection vulnerabilities. The tool is designed to inject a payload into the JNDI repository, allowing an attacker to execute arbitrary code on the target system. The tool is based on the Rogue JNDI project and support...
crypto: x86/aegis - Add missing error checks
...
[SECURITY] Fedora 43 Update: rust-crypto-auditing-agent-0.2.3-5.fc43
Event collector agent for crypto-auditing project...
SUSE CVE-2025-55190
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwor...
`libyml::string::yaml_string_extend` is unsound and unmaintained
In version 0.0.4, libyml::string::yaml_string_extend was revised, resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...
RUSTSEC-2025-0067 `libyml::string::yaml_string_extend` is unsound and unmaintained
In version 0.0.4, libyml::string::yaml_string_extend was revised, resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...
serde_yml crate is unsound and unmaintained
Using serde_yml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serde_yml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
CVE-2025-41701
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-event-broker-0.2.3-3.fc41
Event broker for crypto-auditing project...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-client-0.2.3-2.fc41
Event broker client for crypto-auditing project...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-agent-0.2.3-3.fc41
Event collector agent for crypto-auditing project...
[SECURITY] Fedora 42 Update: rust-crypto-auditing-client-0.2.3-4.fc42
Event broker client for crypto-auditing project...
[SECURITY] Fedora 42 Update: rust-crypto-auditing-event-broker-0.2.3-5.fc42
Event broker for crypto-auditing project...
Neo4j MCP Clients & Servers Security Vulnerability
Neo4j MCP Clients & Servers is a protocol for managing large language model contexts in the open source Neo4j Contrib project. A security vulnerability exists in Neo4j MCP Clients & Servers, which stems from a DNS rebinding vulnerability that could lead to bypassing same-origin policy protections and...
CVE-2025-10088
A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file /index.html. Performing manipulation of the argument project-name results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...