7 matches found
Command Injection
Overview: @google/gemini-cli is a Gemini CLI. Affected versions of this package are vulnerable to Command Injection via the processing of untrusted workspace folders in headless mode and the handling of tool allowlisting under --yolo mode. An attacker can execute arbitrary code by submitting...
OPENSUSE-SU-2025:15817-1 buildpacks-cli-0.39.1-1.1 on GA media
These are all security issues fixed in the buildpacks-cli-0.39.1-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-0187
A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...
Gradio Resource Management Error Vulnerability
Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A resource management error vulnerability exists in Gradio version 0.39.1, which stems from the file upload function mishandling form-data with...
CVE-2024-33904
In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...
Hyprland Security Vulnerability
Hyprland is a wlroots-based dynamic tiling Wayland composition application open-sourced by Hypr Development. A security vulnerability exists in Hyprland version 0.39.1 and earlier versions. An attacker could exploit this vulnerability to execute arbitrary assembly code by writing predictable...
PT-2024-25539
Name of the Vulnerable Software and Affected Versions: Hyprland versions through 0.39.1. Description: A local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file through a race condition in plugins/HookSystem.cpp. This issue allows for the execution of...