28 matches found
vLLM code injection vulnerability
vLLM is an open source high-throughput and memory-efficient inference and serving engine for LLMs. A code injection vulnerability exists in vLLM versions prior to 0.11.1 that stems from the presence of a remote code execution vector in the NemotronNanoVLConfig configuration class, which could...
EUVD-2021-2594
Malware in sbrugna...
EUVD-2008-2359
Malware in sbrugna...
EUVD-2024-0913
Malicious code in bioql PyPI...
EUVD-2024-50260
Malicious code in bioql PyPI...
RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...
CVE-2019-19849
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel Backend Module: DB...
Laundry Management System authorization issue vulnerability
Laundry Management System is a laundry management system. An authorization issue vulnerability exists in Online Laundry Management System version 1.0, which stems from an improper authorization vulnerability in the adminclass.php file...
CodeIgniter security vulnerability
CodeIgniter is an open source web framework written in the PHP language. A security vulnerability exists in CodeIgniter v4.4.7 and earlier versions, which stems from a security issue contained in the Language class, and can be exploited by an attacker to consume large amounts of server memory...
Moderate: python-mako security update
Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security Fixes: mako: REDoS in Lexer class (CVE-2022-40023). For more details about the security issues, including the impact, a CVSS score, acknowledgment...
Faculty Evaluation System SQL injection vulnerability
Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Faculty Evaluation System version 1.0, which stems from an SQL injection issue in the id parameter of ajax.php?action=deleteclass...
Video Sharing Website SQL injection vulnerability
Video Sharing Website is a video sharing website. A SQL injection vulnerability exists in Campcodes Video Sharing Website version 1.0, which stems from a problem with the file adminclass.php, where manipulation of the parameter email can lead to sql injection...
Automatic Question Paper Generator System SQL injection vulnerability
Automatic Question Paper Generator System is an automatic question paper generator system by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which is caused by unknown code in admin/courses/viewclass.p...
Path traversal
"Sametime Android potential path traversal vulnerability when using File class"...
CVE-2021-43697
Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET[C('VAR_JSONP_HANDLER')], so there is an XSS vulnerability...
Ubuntu 16.04 ESM : Python vulnerabilities (USN-5083-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5083-1 advisory. It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only...
Denial of Service (DoS)
Overview: bindata (BinData) is a declarative way to read and write binary file formats. This means the programmer specifies what the format of the binary data is, and BinData works out how to read and write data in this format. It is an easier and more readable alternative to Ruby's pack and...
Information disclosure
An information disclosure vulnerability was discovered in /index.class.php via port 8181 on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system...
CVE-2017-3058
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution...
phpwechat upload.class.php arbitrary file upload vulnerability
phpwechat is a simple framework for building a PC website + WeChat public platform. An arbitrary file upload vulnerability exists in phpwechat upload.class.php because the program fails to check the data submitted by visitors, or does not filter it strictly, so modified data can be submitted directly to bypass t...