11 matches found
EUVD-2025-205815
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
Linux Distros Unpatched Vulnerability : CVE-2018-7688
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects wher...
Linux Distros Unpatched Vulnerability : CVE-2020-25693
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input...
WordPress Yogi theme < 2.9.3 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Bonds in WordPress Theme Yogi versions 2.9.3...
PT-2024-10044 · Rancher +1 · Rancher +1
Name of the Vulnerable Software and Affected Versions: Rancher versions prior to 2.8.9; Rancher versions prior to 2.9.3; Rancher versions 2.7.0 through 2.7.x. Description: A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI Container...
PT-2024-5041 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.9.3. Description: The issue is related to the lack of protection for the web page structure in the Provider component of Apache Airflow, allowing an authenticated attacker to inject a malicious link when...
PT-2024-18131 · Mlflow · Mlflow
Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 2.9.3. Description: A path traversal issue exists in the artifact deletion functionality of the mlflow repository. This is due to an extra unquote operation in the delete_artifacts function of local_artifact_repo.py,...
CVE-2023-37187
C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp_acc_decompress function in zfp/blosc2-zfp.c...
UBUNTU-CVE-2020-25693
A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...
libxml2 heap buffer overflow vulnerability (CNVD-2015-08399)
libxml2 is an XML parser and markup toolset. A heap buffer overflow vulnerability exists in libxml2 versions prior to 2.9.3. A context-dependent attacker can obtain sensitive process memory information via unspecified vectors...
UBUNTU-CVE-2015-7497
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors...