28 matches found
CVE-2026-44647
OneDev is a Git server with CI/CD, kanban, and packages. Prior to 15.0.2, there is behavior that breaks the expected boundary between repository-controlled LFS metadata and server-local filesystem paths. A repository object can steer raw blob reads to arbitrary local files that the server account...
CVE-2026-41139 Unsafe array index getter in mathjs
Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0...
mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes
Impact This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches The issue was introduced in mathjs v13.1.0, an...
CVE-2025-68548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Stored XSS.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.2...
CVE-2025-68548
Mode C: The connected Wordfence entry documents an authenticated (Contributor+) Local File Inclusion vulnerability in Responsive Posts Carousel Pro (WordPress plugin) up to version 15.2, CVE-2025-68996, with Patch Status Patched. Updated versions from 15.2+ remediate the issue; CVSS 7.5 (High) in...
PT-2025-52748
Name of the Vulnerable Software and Affected Versions Responsive Posts Carousel Pro versions through 15.2 Description An issue exists in WebCodingPlace Responsive Posts Carousel Pro that allows for Stored Cross-site Scripting XSS. This occurs due to improper neutralization of input during web pag...
EUVD-2024-55001
Malicious code in bioql PyPI...
CVE-2024-44271
Apple macOS Sequoia 15.2 fixes CVE-2024-44271, where an app could record the screen without an indicator. Update to macOS Sequoia 15.2 to remediate; the issue was addressed via improved checks in the system. No exploitation details are provided beyond the CVE entry.
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.2, which originates from an application that may be able to read sensitive location information...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.2, which originates from an application that may be able to capture keyboard events from the lock screen...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.2, which stems from an application that may be able to determine a user's current location...
Apple macOS 缓冲区错误漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A buffer error vulnerability exists in Apple macOS version 15.2, which originates from an application that may cause the system to unexpectedly terminate or write to kernel memo...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.2, which stems from an application that may be able to access protected user data...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 15.2, which originates from an application that may be able to edit NVRAM variables...
CVE-2024-54493
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.2. Privacy indicators for microphone access may be attributed incorrectly...
Apple macOS 安全漏洞
Apple macOS is a set of specialized operating systems developed for Mac computers by the American company Apple Apple. A security vulnerability exists in Apple macOS Sequoia versions prior to 15.2. An attacker exploiting the vulnerability could access protected user data...
Apple macOS 安全漏洞
Apple macOS is a set of specialized operating systems developed for Mac computers by the American company Apple Apple. A security vulnerability exists in Apple macOS Sequoia versions prior to 15.2. An attacker exploiting the vulnerability can access arbitrary files...
Apple macOS 安全漏洞
Apple macOS is a set of specialized operating systems developed for Mac computers by the American company Apple Apple. A security vulnerability exists in Apple macOS Sequoia versions prior to 15.2. An attacker exploiting this vulnerability could gain root privileges...
Veritas Enterprise Vault 安全漏洞
Veritas Enterprise Vault is a Veritas platform for capturing, archiving, and discovering information across all communication platforms. A security vulnerability exists in Veritas Enterprise Vault versions prior to 15.2 that originates from untrusted data received on the .NET Remoting TCP port th...
Verint Desktop Resources 安全漏洞
Verint Desktop Resources is a software from Verint. A security vulnerability exists in Verint Desktop Resources version 15.2, which originated when the MSI installer allowed an unprivileged local user to elevate their privileges during installation or repair...