17 matches found
Memos Security Vulnerability
Memos is an open source hosted memo hub with knowledge management and social features. A security vulnerability exists in Memos version 0.22, which stems from the presence of path traversal in the CreateResource endpoint, which could lead to arbitrary file writes...
CVE-2025-43584
Substance3D - Viewer versions 0.22 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-43582
Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user, scope unchanged. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2025-27148 Gradle vulnerable to local privilege escalation through system temporary directory
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
CVE-2025-27148 Gradle vulnerable to local privilege escalation through system temporary directory
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
CVE-2025-27148
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. This library initialization could be...
PT-2024-4391 · Unknown +4 · Net-Cidr-Lite +4
Name of the Vulnerable Software and Affected Versions: Net::CIDR::Lite versions prior to 0.22. Description: The issue is related to the improper handling of extraneous zero characters at the beginning of an IP address string. This can allow attackers to bypass access control based on IP addresses ...
PT-2023-21749 · Movim · Movim
Name of the Vulnerable Software and Affected Versions: Movim versions prior to 0.22. Description: The issue is related to a Cross-Site WebSocket Hijacking vulnerability due to missing header validation. Recommendations: For versions prior to 0.22, update to version 0.22 or later to resolve the...
GHSA-54W6-VXFH-FW7F Http4s improperly parses User-Agent and Server headers
Impact: The User-Agent and Server header parsers are susceptible to a fatal error on certain inputs. In http4s, modeled headers are lazily parsed, so this only applies to services that explicitly request these typed headers. v0.21.x (Scala): val unsafe: Option[`User-Agent`] = req.headers.get(`User-Agent`)...
com.avast.cloud:datadog4s-http4s_2.12 (=0.14.0), com.avast.cloud:datadog4s_2.12 (=0.14.0) +90 more potentially affected by CVE-2023-22465 via org.http4s:http4s-core_2.12 (>=0.22.0 <=0.22-143-49b5a8d)
org.http4s:http4s-core_2.12 MAVEN version =0.22.0, =0.18.8, =0.17.0, =0.17.0, =0.15.4, =0.17.0, =0.15.4, =0.17.0, =0.15.4, =0.15.4, =0.17.0, =0.17.0, =0.15.4, =0.15.4, =0.18.4 and more. Source CVEs: CVE-2023-22465. Source advisory: OSV:GHSA-54W6-VXFH-FW7F...
com.avast.grpc:grpc-json-bridge-http4s_2.12 (>=0.18.8 <=0.19.0), com.avast:sst-app-monix_2.12 (>=0.17.0 <=0.19.3) +44 more potentially affected by CVE-2021-41084 via org.http4s:http4s-server_2.12 (>=0.22.0 <=0.22.4)
org.http4s:http4s-server_2.12 MAVEN version =0.22.0, =0.18.8, =0.17.0, =0.17.0, =0.12.0, =0.17.0, =0.12.0, =0.17.0, =0.12.0, =0.12.0, =0.17.0, =0.17.0, =0.12.0, =0.12.0, =0.12.0, =0.1.1, =5.0.0-PREVIEW.pvfixrelease.2025-12-09T1243.b669d29d and more. Source CVEs: CVE-2021-41084. Source advisory:...
Aspen < 0.22 Directory Traversal
According to its banner, the version of Aspen running on the remote host is prior to 0.22. It is, therefore, affected by a directory traversal vulnerability due to improper sanitization of user-supplied input. Note that Nessus has not tested for this issue but has instead relied only on the...
Aspen Server < 0.22 Directory Traversal Vulnerability - Active Check
Aspen Server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description)...
Aspen 0.8 - Directory Traversal
Aspen 0.8 - Directory Traversal. Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign -...
Aspen 0.8 - Directory Traversal
Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...
Aspen 0.8 Directory Traversal
Aspen 0.8 - Directory Traversal Earlier versions are also possibly vulnerable. INFORMATION Product: Aspen 0.8 Remote-exploit: yes Vendor-URL: http://www.zetadev.com/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619...
WordPress Invit0r 0.22 Shell Upload