CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

CVE-2025-65482

The CVE-2025-65482 XXE vulnerability affects opensagres XDocReport versions 0.9.2 through 2.0.3, allowing arbitrary code execution via crafted .docx uploads. Root cause relates to XML data processing within the library, enabling an attacker to trigger code execution when processing external entit...

PT-2026-3629

Name of the Vulnerable Software and Affected Versions opensagres XDocReport versions 0.9.2 through 2.0.3 Description An XML External Entity XXE issue exists in opensagres XDocReport. Successful exploitation allows attackers to execute arbitrary code by uploading a specially crafted .docx file. Th...

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

CVE-2025-62703

Fugue is a unified interface for distributed computing that lets users execute Python, Pandas, and SQL code on Spark, Dask, and Ray with minimal rewrites. In version 0.9.2 and prior, there is a remote code execution vulnerability by pickle deserialization via FlaskRPCServer. The Fugue framework...

PT-2025-4983 · Unique Ux · Unique Ux

Name of the Vulnerable Software and Affected Versions: Unique UX versions 0.9.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This means that an attacker can inject malicious scripts...

PT-2024-27539 · Unknown · Progress Planner

Name of the Vulnerable Software and Affected Versions: Progress Planner versions 0.9.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

SUSE CVE-2009-2562

Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service crash via unknown vectors...

HashiCorp Vault 访问控制错误漏洞

Hashicorp HashiCorp Vault is a private key access management tool from the US-based Hashicorp. An Access Control Error vulnerability exists in HashiCorp Vault Enterprise that stems from the product's lack of privilege validation when reading license metadata from DR secondaries. An attacker could...

DEBIAN-CVE-2018-11798

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path...

swfdump Debugging Code Denial of Service Vulnerability

SWFTools is a set of SWF manipulation and creation of utility authoring software tools. swfdump displays the id, name and depth of objects defined in the SWF file. It can also further decompose Actionscript, extract text, and display location information objects. A debugging code denial of servic...