4 matches found
CVE-2025-68137
EVerest before version 2025.10.0 is affected by an integer overflow in SdpPacket::parse_header(). After reading an 8-byte header, the remaining length can be set to 7, and the calculation of the remaining length yields a negative value that is interpreted as SIZE_MAX. This can cause an infinite l...
Everest-core security vulnerabilities
Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of Everest-core prior to 2025.10.0 contained security vulnerabilities. These vulnerabilities stemmed from modules failing to close and destroy previously created objects wh...
Black Duck SCA 安全漏洞
Black Duck SCA is a software composition analysis tool from Black Duck USA. A security vulnerability exists in Black Duck SCA versions prior to 2025.10.0 that stems from an overly broad configuration of user role permissions, which could lead to unauthorized project configuration changes or acces...
Vickey 安全漏洞
Vickey is a microblogging platform open-sourced by Whimsies YATeam. A security vulnerability exists in Vickey versions prior to 2025.10.0 that stems from an unexpired email confirmation link that can be reused, potentially resulting in verified email addresses receiving duplicate confirmation...