Slate Digital Connect 安全漏洞

Slate Digital Connect is an audio plugin management and licensing client developed by Slate Digital. Version 1.37.0 of Slate Digital Connect contains a security vulnerability. This vulnerability stems from the XPC service verifying the client only based on the subject.OU value of the client’s...

OPENSUSE-SU-2026:10740-1 busybox-1.37.0-11.1 on GA media

These are all security issues fixed in the busybox-1.37.0-11.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10231-1 busybox-1.37.0-9.1 on GA media

These are all security issues fixed in the busybox-1.37.0-9.1 package on the GA media of openSUSE Tumbleweed...

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2025-2475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

...

OESA-2025-1881 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: In tar in...

CVE-2024-54317

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Google Web Stories web-stories allows Stored XSS.This issue affects Web Stories: from n/a through = 1.37.0...

CVE-2025-46394

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences...

BusyBox 安全漏洞

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox 1.37.0 and earlier versions, which originates from the fact that tar can hide filenames via terminal escape sequences...

WordPress plugin Web Stories 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Web Stories plugin <= 1.37.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by shinobu Patchstack Alliance in WordPress Plugin Web Stories versions = 1.37.0...

CVE-2024-48909

SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled LookupResources2 and have caveats in the evaluation path for their requests can return a permissionship of...

PT-2024-33261 · Spicedb +1 · Spicedb +1

Name of the Vulnerable Software and Affected Versions: SpiceDB versions 1.35.0 through 1.37.0 Description: SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Clients that have enabled LookupResources2 and have caveats in the evaluation path for...

CVE-2024-42474

CVE-2024-42474 affects Streamlit Open Source on Windows via the static file sharing feature, enabling path traversal that could leak the Windows user’s password hash. The issue was identified in Streamlit and patched in version 1.37.0 (released around July 25, 2024). Evidence in connected sources...

CVE-2024-42474 Streamlit Path Traversal Security Vulnerability on Windows

Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit apps on Windows were vulnerable to a path traversal vulnerability when the static file shari...

CVE-2024-42474 Streamlit Path Traversal Security Vulnerability on Windows

Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit apps on Windows were vulnerable to a path traversal vulnerability when the static file shari...

PT-2024-29970 · Streamlit · Streamlit

Name of the Vulnerable Software and Affected Versions: Streamlit versions prior to 1.37.0 Description: The issue is related to a path traversal vulnerability in the static file sharing feature of Streamlit. This vulnerability allows an attacker to leak the password hash of the Windows user runnin...