11 matches found
CVE-2025-46597
Bitcoin Core 0.13.0 through 29.x has an integer overflow...
CVE-2026-31814
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...
CVE-2026-31814 Yamux remote Panic via malformed WindowUpdate credit
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...
Stalwart Mail Server Security Vulnerability
Stalwart Mail Server is an integrated email server developed by Stalwart Labs. Vulnerabilities exist in versions 0.13.0 to 0.15.4 of Stalwart Mail Server. These vulnerabilities stem from processing specially crafted emails that contain malformed message/rfc822 MIME parts. This can lead to excessi...
PT-2024-10015 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: Gogs versions =0.13.0 Description: The issue is related to a Directory Traversal vulnerability via the editFilePost function in the internal/route/repo/editor.go file. This vulnerability is caused by improper restriction of the directory path...
Eclipse OpenJ9 Security Vulnerability
Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A security vulnerability exists in Eclipse OpenJ9 that stems from an out-of-bounds read and out-of-bounds write vulnerability when running with the JVM option...
PT-2024-24534 · Carina · Carina
Name of the Vulnerable Software and Affected Versions: Carina versions 0.13.0 and earlier Description: An RBAC authorization risk allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster...
Apache IoTDB Code Issue Vulnerability
Apache IoTDB is an integrated data management engine designed for time-series data from the Apache USA Foundation, which provides data collection, storage, and analysis services, among other things. A deserialization vulnerability exists in Apache IoTDB versions 0.13.0 through 0.13.4, which can b...
PT-2023-9257 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: Gogs versions 0.13.0 and earlier Description: The issue allows an attacker to delete or modify arbitrary files on a vulnerable Gogs server. This can be exploited by a remote attacker. Unprivileged user accounts can execute arbitrary commands ...
PT-2023-19811 · Apache · Apache Iotdb Grafana-Connector
Name of the Vulnerable Software and Affected Versions: Apache IoTDB Grafana Connector versions 0.13.0 through 0.13.3 Description: The issue is related to improper authentication, allowing attackers to log in without authorization. This is a significant security concern as it could lead to...
Apache Heron Path Traversal Vulnerability
Apache Heron is a distributed, fault-tolerant real-time stream processing engine. A path traversal vulnerability exists in Apache Heron versions 0.13.0 through 0.17.8, which stems from the program failing to adequately filter user-submitted input. A remote attacker could exploit the vulnerabili...