89 matches found
CVE-2026-56400 open-webui - Remote Code Execution via CORS Misconfiguration and Session Validation
open-webui before 0.3.14 contains a cross-origin resource sharing misconfiguration allowing arbitrary origins with alloworigins= and authenticated requests to the /api/v1/functions endpoint. Attackers can execute arbitrary code on the openwebui instance by crafting malicious cross-site requests...
EUVD-2026-44629
open-webui before 0.3.14 contains a cross-origin resource sharing misconfiguration allowing arbitrary origins with alloworigins= and authenticated requests to the /api/v1/functions endpoint. Attackers can execute arbitrary code on the openwebui instance by crafting malicious cross-site requests...
PT-2026-43088
A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...
CVE-2026-1332
MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information...
CVE-2026-1332 HAMASTAR Technology|MeetingHub - Missing Authentication
MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information...
EUVD-2021-24901
Malware in sbrugna...
EUVD-2021-24905
Malware in sbrugna...
EUVD-2005-1410
Malware in sbrugna...
EUVD-2013-6925
Malware in sbrugna...
EUVD-2021-24931
Malware in sbrugna...
EUVD-2018-1963
Malware in sbrugna...
EUVD-2021-24915
Malware in sbrugna...
EUVD-2021-24883
Malware in sbrugna...
EUVD-2012-4393
Malware in sbrugna...
EUVD-2022-40956
Malicious code in bioql PyPI...
EUVD-2022-46441
Malicious code in bioql PyPI...
SUSE SLES12 Security Update : expat (SUSE-SU-2025:1295-1)
"The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1295-1 advisory. - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618...
SUSE-SU-2025:1295-1 Security update for expat
This update for expat fixes the following issues: - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer behavi...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : expat (SUSE-SU-2025:1201-1)
"The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1201-1 advisory. - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overfl...
SUSE-SU-2025:1201-1 Security update for expat
This update for expat fixes the following issues: - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion bsc1239618 Other fixes: - version update to 2.7.1 jscPED-12500 Bug fixes: 980 989 Restore event pointer behavi...