4 matches found
PT-2026-5361
Name of the Vulnerable Software and Affected Versions: Kimi Agent SDK versions prior to 0.1.6 Description: The Kimi Agent SDK libraries expose the Kimi Code agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to the execSync function as shell command string...
SUSE CVE-2024-1874
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...
Upgraded Q -> 2 from #154 [1676532286167]
Judge has assessed an item in Issue 154 as 2 risk. The relevant finding follows: Quest.claim can risk gas exhaustion on large receipt claims due to multiple mandatory loops function claim public virtual onlyQuestActive if isPaused revert QuestPaused; uint256 memory tokens =...
PT-2022-17569 · Npm · Libpq +1
Name of the Vulnerable Software and Affected Versions: pg-native versions prior to 3.0.1; libpq versions prior to 1.8.10 Description: The issue is related to a Denial of Service (DoS) condition that occurs when the addons attempt to cast the second argument to an array and fail. This happens for eve...