CVE-2025-54159

The CVE-2025-54159 entry describes a missing authorization vulnerability in Synology BeeDrive for desktop prior to version 1.4.2-13960, where remote attackers could delete arbitrary files via unspecified vectors. Affected product: BeeDrive for desktop. Root cause: lack of authorization checks in ...

CVE-2025-58431

CVE-2025-58431 affects ZimaOS (fork of CasaOS) prior to version 1.4.2. The /v2_1/files/file/download API endpoint allows unauthorized local users with localhost access to read local files, with reads executed as ROOT. Multiple sources (Red Hat, CVE records, CVE lists, and vulnerability databases)...

Snappy 代码问题漏洞

Snappy is a PHP library from the individual developers at KNP Labs that allows thumbnails, snapshots or PDFs to be generated from url or html pages. A code issue vulnerability exists in versions of Snappy prior to 1.4.2 that stems from a lack of protocol checks. An attacker can exploit this...

Matroska libebml Buffer Error Vulnerability

Matroska libebml is a GlobalMatroska open source application that provides a low-level C++ library for reading and writing Matroska files. A security vulnerability exists in libebml before 1.4.2, which stems from a heap overflow bug in the implementation of EbmlString::ReadData and...