57 matches found
CVE-2018-25305
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...
Convert 安全漏洞
Convert is an online file format conversion tool developed by p2r3 individuals. Convert has a security vulnerability, which stems from improper handling of parameters pathname in the component API functions of the buildCache.js file. This could lead to path traversal attacks...
EUVD-2007-5358
Malware in sbrugna...
EUVD-2025-6788
Malicious code in bioql PyPI...
EUVD-2025-6793
Malicious code in bioql PyPI...
EUVD-2025-6792
Malicious code in bioql PyPI...
EUVD-2023-29843
Malicious code in bioql PyPI...
EUVD-2025-6795
Malicious code in bioql PyPI...
EUVD-2025-6784
Malicious code in bioql PyPI...
EUVD-2025-6796
Malicious code in bioql PyPI...
EUVD-2025-6797
Malicious code in bioql PyPI...
CVE-2025-47868 Apache NuttX RTOS: tools/bdf-converter.: tools/bdf-converter: Fix loop termination condition.
Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active...
CVE-2025-27786
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file removal in core.py. outputttspath in tts.py takes arbitrary user input and passes it to runttsscript function in core.py, which checks if the path in outputttspath exists, and if yes, removes that...
CVE-2025-27782
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of...
CVE-2025-27784
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file read in train.py's exportpth function. This issue may lead to reading arbitrary files on the Applio server. It can also be used in conjunction with blind server-side request forgery to read files...
CVE-2025-27779
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelblender.py lines 20 and 21. modelfusiona and modelfusionb from voiceblender.py take user-supplied input e.g. a path to a model and pass that value to the runmodelblenderscript and...
CVE-2025-27778
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in infer.py. The issue can lead to remote code execution. As of time of publication, a fix is available on the main branch of the Applio repository but not attached to a numbered release...
CVE-2025-27774 Applio allows SSRF and file write in model_download.py
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 156 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...
CVE-2025-27775 Applio allows SSRF and file write in model_download.py
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 143 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...
CVE-2025-27776 Applio allows SSRF and file write in model_download.py
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 240 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...