268 matches found
PT-2026-45963
These are all security issues fixed in the ffmpeg-4-4.4.7-3.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-34874
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...
CVE-2026-32609
Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix commit 5d3de60 addressed unauthenticated configuration secrets exposure on the /api/v4/config endpoints by introducing asdictsecure redaction. However, the /api/v4/args and /api/v4/args/item endpoints were not...
Craft CMS 安全漏洞
Craft CMS is an open-source content management system developed by Craft CMS. Vulnerabilities existed in versions 4.0.0-RC1 to 4.17.5, as well as in versions 5.0.0-RC1 to 5.9.11 of Craft CMS. These vulnerabilities were caused by behavior injection remote code execution vulnerabilities in the...
CVE-2026-25484 Craft Commerce has Stored XSS in Product Type Name
Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, there is a Stored XSS via Product Type names. The name is not sanitized when displayed in user permissions settings. The vulnerable input source is in Commerce Product Type setting...
CVE-2026-24793
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in azerothcore azerothcore-wotlk deps/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0...
CVE-2020-24376
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3...
CVE-2025-64420
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-beta.434, low privileged users are able to see the private key of the root user on the Coolify instance. This allows them to ssh to the server and...
CVE-2025-64460
An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in django.core.serializers.xmlserializer.getInnerText allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML...
PT-2025-47073
Name of the Vulnerable Software and Affected Versions Bdtask Flight Booking Software version 4 Description A flaw exists in Bdtask Flight Booking Software version 4 that allows for unrestricted file upload through the Edit Profile Page, specifically via the /agent/profile/edit file. This...
CVE-2025-64407
Technical details for CVE-2025-64407 are not publicly provided in the connected documents. Available sources discuss related vulnerabilities (CVE-2024-12425/12426) and Apache OpenOffice issues, but do not specify this CVE’s affected products, root cause, or fixes.
Sublime Text 安全漏洞
Sublime Text is a cross-platform, extensible text editor from Sublime, Inc. A security vulnerability exists in Sublime Text version 4 4200 that originates from a low-privilege attacker who can replace uninstalled files in the installation folder, potentially resulting in elevated privileges...
EUVD-2025-38014
Deserialization of Untrusted Data vulnerability in Scott Reilly Preserve Code Formatting preserve-code-formatting allows Object Injection.This issue affects Preserve Code Formatting: from n/a through = 4.0.1...
CVE-2025-11966
In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, when "directory listing" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories within a served path...
EUVD-2018-1075
Malware in sbrugna...
EUVD-2020-18471
Malware in sbrugna...
EUVD-2007-5400
Malware in sbrugna...
EUVD-2003-0135
Malware in sbrugna...
EUVD-2014-2203
Malware in sbrugna...
EUVD-2014-3805
Malware in sbrugna...