750 matches found
EUVD-2022-50459
Malicious code in bioql PyPI...
OpenSupports 安全漏洞
OpenSupports is a simple open source ticketing platform from OpenSupports Open Source. A security vulnerability exists in OpenSupports version 4.11.0 that originates from an unauthenticated diagnostic endpoint that allows arbitrary back-end network connections, potentially leading to a server-sid...
CVE-2025-59018
CVE-2025-59018 describes a missing authorization check in the TYPO3 CMS Workspace Module that lets backend users directly invoke the corresponding AJAX backend route to disclose sensitive information. Affected TYPO3 versions are 9.0.0–9.5.54, 10.0.0–10.4.53, 11.0.0–11.5.47, 12.0.0–12.4.36, and 13...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system from TYPO3 open source. A security vulnerability exists in TYPO3 CMS, which stems from a lack of authorization checking in the back-end routing, which could lead to unauthorized AJAX calls. The following versions are affected: 9.5.54 and earlier, 10.4.53 a...
MAL-2025-43963 Malicious code in dependencies-backend-mutation-string (npm)
The package dependencies-backend-mutation-string was found to contain malicious code...
CVE-2025-57759
Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...
CVE-2025-57758
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
CVE-2025-57758
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
CVE-2025-57759 Contao has improper privilege management for page and article fields
Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no...
CVE-2025-57758 Contao has improper access control in the back end voters
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
CVE-2025-57758 Contao has improper access control in the back end voters
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
GHSA-7M47-R75R-CX8V Contao applies improper access control in the back end voters
Impact The table access voter in the back end doesn't check if a user is allowed to access the corresponding module. Patches Update to Contao 5.3.38 or 5.6.1. Workarounds Do not rely solely on the voter and additionally check USERCANACCESSMODULE. For more information If you have any questions or...
PT-2025-35104
Name of the Vulnerable Software and Affected Versions: Contao versions 5.0.0 through 5.3.37 Contao versions 5.6.0 through 5.6.0 Description: The table access voter in the back end does not verify if a user has permission to access the corresponding module. As a workaround, do not solely rely on t...
Contao 安全漏洞
Contao is an open source Content Management System CMS developed in PHP by Contao Open Source. The system supports search engines, rights management, and CSS frameworks. A security vulnerability exists in Contao version 5.3.38 and versions prior to 5.6.1, which stems from the possibility of...
NVIDIA Triton Inference Server Python Out-of-Bounds Read Vulnerability
Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...
mall 安全漏洞
mall is an e-commerce system for macro individual developers, including the front-end mall system and the back-end management system. A security vulnerability exists in mall version 1.0.3, which stems from an improperly restricted authentication attempt...
SuiteCRM SQL注入漏洞
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a SQL injection vulnerability that stems from the InboundEmail module allowing arbitrary queries to be executed in the back-end database, which could lead to SQL injection...
NVIDIA Triton Inference Server 安全漏洞
Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...
NVIDIA Triton Inference Server 缓冲区错误漏洞
NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from an information disclosure vulnerability that is caused by an out-of-bounds read flaw in the...
Partner Software和Partner Software Partner Web 安全漏洞
Partner Software and Partner Software Partner Web are both products of Partner Software, a U.S.-based company.Partner Software is a geographic information system application.Partner Software Partner Web is a back-end system that provides review of reports on the Partner Software is a GIS...