14 matches found
IBM Langflow Desktop Path Traversal Vulnerability
IBM Langflow Desktop is a desktop application for AI process orchestration developed by IBM. Versions of IBM Langflow Desktop prior to 1.8.4 contained a path traversal vulnerability. This vulnerability stemmed from directory traversal, allowing remote attackers to access arbitrary files by...
CVE-2026-23480 Blinko: Low Privilege User Privilege Escalation - upsertUser Endpoint
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability. The upsertUser endpoint has 3 issues: it is missing superAdminAuthMiddleware, any logged-in user can call it; the originalPassword is an optional parameter and if not provided...
Blinko Security Vulnerability
Blinko is an open-source AI-based card-based note-taking app designed for users who want to quickly capture and organize fleeting ideas. Versions of Blinko prior to 1.8.4 contained a security vulnerability. This vulnerability stemmed from an insecure direct object reference in the user.detail...
Blinko Security Vulnerability
Blinko is an open-source AI-based card-based note-taking application designed for users who want to quickly capture and organize fleeting ideas. Versions of Blinko prior to 1.8.4 contained security vulnerabilities. These vulnerabilities stemmed from deficiencies in the upsertUser endpoint,...
CVE-2021-26924
An issue was discovered in Argo CD before 1.8.4. Browser XSS protection is not activated due to the missing XSS protection header...
CVE-2016-10935
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation...
PT-2024-24080 · Unknown +1 · Opencomputers +2
Name of the Vulnerable Software and Affected Versions: OpenComputers versions prior to 1.8.4; GregTech: New Horizons modpack versions prior to 1.10.10-GTNH. Description: The issue allows a user to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the...
CVE-2024-25100
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program allows Object Injection. This issue affects Coupon Referral Program: from n/a before 1.8.4...
PT-2023-29973 · Unknown · Prestashop +1
Name of the Vulnerable Software and Affected Versions: Product Tag Icons Pro versions prior to 1.8.4. Description: A guest can perform SQL injection in the module Product Tag Icons Pro for PrestaShop. The method TiconProduct::getTiconByProductAndTicon has sensitive SQL calls that can be executed...
WordPress plugin HD Quiz Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...
PT-2019-16059 · Libsixel +1 · Libsixel +1
Name of the Vulnerable Software and Affected Versions: libsixel versions prior to 1.8.4. Description: A heap-based buffer overflow was discovered in the image buffer resize function in fromsixel.c. Recommendations: For versions prior to 1.8.4, update to version 1.8.4 or later to resolve the issue...
[ASA-201710-15] go: arbitrary command execution
Arch Linux Security Advisory ASA-201710-15. Severity: High. Date: 2017-10-12. CVE-ID: CVE-2017-15041. Package: go. Type: arbitrary command execution. Remote: Yes. Link: https://security.archlinux.org/AVG-442. Summary: The package go before version...
wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count...
Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 (Windows)
This host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultvulndec12win.nasl 6022 2017-04-25 12:51:04Z teissa $ Wireshark Multiple Dissector Multiple Vulnerabilities - Dec12 Windows Authors: Rachana Shetty Copyright: Copyright c...