5 matches found
EUVD-2024-52880
Malicious code in bioql PyPI...
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.
Summary: Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0. Vulnerability Details: CVEID: CVE-2015-5305. DESCRIPTION: Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted...
CVE-2025-53927 MaxKB sandbox bypass
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they...
CVE-2024-49663
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elenkadark uCAT – Next Story ucat-next-story allows Reflected XSS. This issue affects uCAT – Next Story: from n/a through = 2.0.0...
PT-2024-13740 · Shenzhen · Shenzhen Jf6000 Cloud Media Collaboration Processing Platform
Name of the Vulnerable Software and Affected Versions: Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0; Shenzhen JF6000 Cloud Media Collaboration Processing Platform software version V2.0.0 build 6245. Description: The issue is related to Incorrect Access...