Uncontrolled Recursion

Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Uncontrolled Recursion due to the...

Server-side Request Forgery (SSRF)

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the gr.load function. An attacker can access internal services, cloud metadata endpoints, and private networks b...

PT-2024-32466 · Ampache · Ampache

Name of the Vulnerable Software and Affected Versions: Ampache versions prior to 6.6.0 Description: Ampache is a web-based audio/video streaming application and file manager. The Democratic Playlist Name is vulnerable to a stored cross-site scripting issue. Recommendations: For versions prior to...

PT-2022-7285 · Apache +10 · Apache Commons Bcel +10

Name of the Vulnerable Software and Affected Versions: Apache Commons BCEL versions prior to 6.6.0 Description: The issue is related to an out-of-bounds writing problem in Apache Commons BCEL, which can be exploited to produce arbitrary bytecode. This could be abused in applications that pass...