Chatbox 操作系统命令注入漏洞

Chatbox is a chat software developed by Shafqat Hasan. Versions of Chatbox 1.20.0 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from incorrect handling of the parameters args and env in the file src/main/mcp/ipc-stdio-transport.ts,...

org.apache.nifi:nifi-asana-processors-nar (>=1.20.0 <=2.6.0) potentially affected by CVE-2025-66524 via org.apache.nifi:nifi-asana-processors (>=1.20.0 <=2.6.0)

org.apache.nifi:nifi-asana-processors MAVEN version =1.20.0, =1.20.0, =2.6.0 Source cves: CVE-2025-66524 Source advisory: SNYK:JAVA-ORGAPACHENIFI-14545438...

org.apache.nifi:nifi-asana-processors-nar (>=1.20.0 <=2.6.0) potentially affected by CVE-2025-66524 via org.apache.nifi:nifi-asana-processors (>=1.20.0 <=2.6.0)

org.apache.nifi:nifi-asana-processors MAVEN version =1.20.0, =1.20.0, =2.6.0 Source cves: CVE-2025-66524 Source advisory: OSV:GHSA-V4P2-2W39-MHRJ...

Apache NiFi 代码问题漏洞

Apache NiFi is a data processing and distribution system from the Apache USA Foundation. The system is primarily used for data routing, transformation, and system brokering logic. A code issue vulnerability exists in Apache NiFi versions 1.20.0 through 2.6.0 that stems from the GetAsanaObject...

PT-2024-35271 · WordPress · Pressaholic Wordpress Video Robot - The Ultimate Video Importer

Name of the Vulnerable Software and Affected Versions: Pressaholic WordPress Video Robot - The Ultimate Video Importer versions 1.20.0 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This...