CVE-2026-32929

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!getmacromemCOM. Opening a crafted V7 file may lead to information disclosure from the affected product...

Improper Neutralization of Input Used for LLM Prompting

Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Improper Neutralization of Input Used for LLM Prompting via the Guardrail node. An attacker can modify workflow input to circumvent intended restrictions by crafting specific input values. Workaround This...

WordPress plugin GA4WP: Google Analytics for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin GA4WP...

UBUNTU-CVE-2025-27553

Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the base file...

SUSE CVE-2024-53861

pyjwt is a JSON Web Token implementation in Python. An incorrect string comparison is run for iss checking, resulting in "acb" being accepted for "abc". This is a bug introduced in version 2.10.0: checking the "iss" claim changed from isinstanceissuer, list to isinstanceissuer, Sequence. Since st...

SUSE CVE-2022-35941

TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...

SUSE CVE-2022-35965

TensorFlow is an open source platform for machine learning. If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

LibreNMS 代码问题漏洞

LibreNMS is a PHP and MySQL based open source network monitoring system from the LibreNMS community. The system features custom alerts, auto-discovery of network environments, and automatic updates.LibreNMS versions prior to 22.10.0 have a security vulnerability that stems from insufficient sessi...

CVE-2022-36002

TensorFlow is an open source platform for machine learning. When Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. The fix will be included in TensorFlow...

logixbase (>=0.1.1 <=1.0.1) potentially affected by CVE-2022-24302 via paramiko (=2.10.0)

paramiko PYPI version =2.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on paramiko and may be impacted: - logixbase =0.1.1, =1.0.1 Source cves: CVE-2022-24302 Source advisory: OSV:GHSA-F8Q4-JWWW-X3WV...