14 matches found
Unity Linux 20.1060e / 20.1070e Security Update: linuxptp (UTSA-2026-017411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017411 advisory. A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker...
CVE-2026-33250
Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player'...
CVE-2026-1778
Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed...
CVE-2018-19827 affecting package reaper for versions less than 3.1.1-20
CVE-2018-19827 affecting package reaper for versions less than 3.1.1-20. A patched version of the package is available...
tar-fs 安全漏洞
tar-fs is a tar-stream filesystem bundle from the individual developer Mathias Buus. A security vulnerability exists in tar-fs versions prior to 3.1.1, 2.1.3, and 1.16.5, which stems from the possibility of bypassing symbolic link validation when the destination directory is predictable...
PT-2025-33094 · Unknown · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM versions prior to 3.1.1 Dolibarr ERP/CRM versions prior to 3.2.0 Description: Dolibarr ERP/CRM contains a post-authenticated operating system command injection issue in its database backup feature. The export.php script does...
CVE-2025-43568
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2025-11038
Name of the Vulnerable Software and Affected Versions: JetBrains Ktor versions prior to 3.1.1 Description: The issue allows for HTTP Request Smuggling. Recommendations: For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue...
CVE-2024-13263 Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion.This issue affects Opigno group manager: from 0.0.0 before 3.1.1...
Object Resolver Security Vulnerability
Object Resolver is a general-purpose feature by Samuel Akopyan Personal Developer. It is used to handle nested attributes in JavaScript objects of unlimited depth. A security vulnerability exists in Object Resolver versions prior to 3.1.1, which stems from allowing an attacker to cause prototype...
PT-2024-26279 · WordPress · Elementskit Elementor Addons
Name of the Vulnerable Software and Affected Versions: ElementsKit Elementor addons plugin for WordPress versions prior to 3.1.1 Description: The issue allows authenticated attackers with contributor-level access and above to include and execute arbitrary files on the server via the generate...
JSON Web Token Security Vulnerability
JSON Web Token is a compact URL security method for representing a statement to be transmitted between two parties. A security vulnerability exists in JSON Web Token versions prior to 3.1.1 that stems from vulnerability to JWT algorithm obfuscation attacks...
PYSEC-2023-314
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...
Signotec signoPAD-API/Web Denial of Service Vulnerability
Signotec signoPAD-API/Web is a web interface for integrating signotec signature pads from Signotec Germany. The product includes features such as document management and memory management. A denial of service vulnerability exists in signotec signoPAD-API/Web versions prior to 3.1.1 Windows, which...