11 matches found
PT-2026-53959
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.6 Description An authenticated attacker can perform a Server-Side Request Forgery SSRF, which occurs when a server is tricked into making requests to an unintended location. The issue exists because...
EUVD-2015-5598
Malware in sbrugna...
CVE-2025-5302
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
PT-2025-34665
Name of the Vulnerable Software and Affected Versions: run-llama/llama index versions prior to 0.12.38 Description: A denial of service issue exists in the JSONReader component. The issue is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting i...
CVE-2024-31636
An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machdreader.c component...
The vulnerability of the invesalius/reader/dicom.py component of the medical software used to create virtual reconstructions of human structures, InVesalius, allows a perpetrator to execute arbitrary code.
The vulnerability of the invesalius/reader/dicom.py component of the medical software for creating virtual reconstructions of human structures, InVesalius, is related to insufficient validation of the input data. Exploiting this vulnerability could allow an attacker, operating remotely, to execut...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
Platform Update Supplement for Windows Vista and for Windows Server 2008
Platform Update Supplement for Windows Vista and for Windows Server 2008 INTRODUCTION The Platform Update Supplement for Windows Vista and for Windows Server 2008 is available. This update provides fixes and improvements to graphics, media foundation and print functionality in Windows Vista Servi...
CVE-2019-15142
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...
CVE-2019-15142
CVE-2019-15142 affects DjVuLibre 3.5.27 in the DJVU reader component. The vulnerability arises in DjVmDir.cpp (and related GString handling) where the code reads a DJVU file into a GTArray and then uses a UTF-8 string path, leading to a heap-based out-of-bounds read and a denial-of-service crash ...
The vulnerability of Safari browser and iOS operating system allows attackers to carry out UXSS attacks.
The vulnerability of the Safari Reader component in the Safari browser, operating system iOS, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out UXSS attacks using a specially crafted website...