Node.js 安全漏洞

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Versions 20.x, 22.x, 24.x, and 25.x of Node.js have security vulnerabilities. These vulnerabilities stem from HMAC verification using a comparison that does not maintain constant time, whi...

CVE-2024-9432

CVE-2024-9432 pertains to OpenText Vertica where a vulnerability in the Vertica agent can allow reading a plaintext API key. Affected versions are Vertica 23.X, 24.X, and 25.X. The CVSS metrics indicate local attack vector with high exploit complexity and high privileges required, potentially imp...

Astra Linux – Vulnerability in Poppler

Versions of Poppler from 24.06.1 through 25.x, prior to 25.04.0, allowed stack consumption and a SIGSEGV due to deeply nested structures within the metadata of a PDF document such as GTSPDFEVersion. This issue occurred in functions like Dict::lookup, Catalog::getMetadata, and related functions in...

Adobe Photoshop 24.x < 24.7.4 / 25.x < 25.11 Vulnerability (APSB24-49)

The version of Adobe Photoshop installed on the remote Windows host is prior to 24.7.4/25.11. It is, therefore, affected by a vulnerability as referenced in the apsb24-49 advisory. - Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could...