10 matches found
Summarize 安全漏洞
Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from an authorization flaw in the content script’s window.postMessage bridging mechanism, which could allow...
Unity Linux 20.1070e Security Update: python-xmltodict (UTSA-2026-007093)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007093 advisory. XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. Tenable has extracted the preceding...
UBUNTU-CVE-2025-9375
XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by the vendor on the grounds that xmltodict.unparse delegates element-name handling to Python's xml.sax.saxutils.XMLGenerator,...
CVE-2025-9375
XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by the vendor on the grounds that xmltodict.unparse delegates element-name handling to Python's xml.sax.saxutils.XMLGenerator,...
PT-2025-5335 · Unknown +1 · Writefreely +1
Name of the Vulnerable Software and Affected Versions: WriteFreely versions 0.15.1 and earlier Description: The issue allows local users to discover credentials by reading the config.ini file when MySQL is used. This is due to insecure default configuration access. Recommendations: For versions...
PT-2023-31535 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.15.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the usememos/memos repository. It affects the getimage endpoint. No information is provided about the estimated number of...
DEBIAN-CVE-2021-33589
Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...
UBUNTU-CVE-2021-33589
Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...
Ribose RNP 安全漏洞
Ribose RNP is an application from Ribose, Inc. A security vulnerability exists in Ribose RNP versions prior to 0.15.1 that stems from the lack of implementation of a required step in the cryptographic algorithm, resulting in faulty encryption and leaving the key in the plaintext state...
Buffer overflow
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...