Autodesk Fusion 跨站脚本漏洞

Autodesk Fusion is a data management software platform developed by Autodesk, Inc. in the United States. Autodesk Fusion has a cross-site scripting vulnerability, which stems from malicious HTML payloads in component names. This vulnerability may lead to stored-xss attacks, allowing attackers to...

EUVD-2025-201864

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

CVE-2025-61776

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

CVE-2025-61776 Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

Dependency-Track 安全漏洞

Dependency-Track is Dependency-Track's open source suite of intelligent supply chain component analysis platforms for identifying third-party component risks. A security vulnerability exists in Dependency-Track versions prior to 4.13.5, which stems from the possibility of sending private NuGet...

Open-AudIT Professional Cross-Site Scripting Vulnerability

Open-AudIT Professional is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Open-AudIT Professional version 2.1.1. A remote attacker can exploit this vulnerability to...