Lucene search

2427 matches found

Positive Technologies
added 2025/02/05 12:0 a.m. · 4 views

PT-2025-5755 · Unknown · @Zag-Js/Core

Name of the Vulnerable Software and Affected Versions: @zag-js/core version 0.50.0. Description: A prototype pollution issue in the lib.deepMerge function allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload. Recommendations: For @zag-js/core version 0.50.0, consider...

CVSS 7.5 · AI score 6.8 · EPSS 0.00195
Exploits 0 · References 8

RedhatCVE
added 2025/02/04 11:32 p.m. · 3 views

CVE-2024-48903

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVSS 7.8 · AI score 7.2 · EPSS 0.00091
Exploits 0 · References 1

OSV
added 2025/02/03 9:1 a.m. · 2 views

MAL-2025-1107 Malicious code in deep-links-movie-tutorial (npm)

Source: ghsa-malware (34a840de253ee6e7e6e03231c495a2d90bdaf338bf107fba5ed290ed21136e8d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/02/03 9:1 a.m. · 3 views

Malicious code in deep-links-movie-tutorial (npm)

Source: ghsa-malware (34a840de253ee6e7e6e03231c495a2d90bdaf338bf107fba5ed290ed21136e8d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

CNNVD
added 2025/02/03 12:0 a.m. · 1 view

nDPI security vulnerability

NTOP nDPI is an open source library for deep packet inspection from NTOP Italy. A security vulnerability exists in nDPI version 4.12 and earlier, which stems from a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c. The vulnerability is caused by a potential...

CVSS 8.4 · AI score 7 · EPSS 0.0006
Exploits 0 · References 1

Positive Technologies
added 2025/02/02 12:0 a.m. · 2 views

PT-2025-5670 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to a segmentation fault on an unknown address. The crash occurred in the ndpi free flow data function, which is located in the...

AI score 7
Exploits 0 · References 2

Veracode
added 2025/01/31 6:21 a.m. · 4 views

Path Traversal

Deep Java Library (DJL) is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of file paths in the ZipUtils.unzip and TarUtils.untar methods, which allows an attacker to manipulate file paths, enabling them to write files to arbitrary locations on the system...

CVSS 9.8 · AI score 9.2 · EPSS 0.4369
Exploits 0 · References 6 · Affected Software 1

Github Security Blog
added 2025/01/29 10:21 p.m. · 23 views

Deep Java Library path traversal issue

Summary: Deep Java Library (DJL) is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

CVSS 9.8 · AI score 9.1 · EPSS 0.4369
Exploits 0 · References 6 · Affected Software 1

OSV
added 2025/01/29 10:21 p.m. · 1 view

GHSA-JCRP-X7W3-FFMG Deep Java Library path traversal issue

Summary: Deep Java Library (DJL) is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

CVSS 9.8 · AI score 7.2 · EPSS 0.4369
Exploits 0 · References 6

NVD
added 2025/01/29 10:15 p.m. · 11 views

CVE-2025-0851

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations...

CVSS 9.8 · EPSS 0.4369
Exploits 0 · References 3

OSV
added 2025/01/29 10:15 p.m. · 2 views

CVE-2025-0851

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations...

CVSS 9.3 · AI score 7.2
Exploits 0 · References 3

Cvelist
added 2025/01/29 9:19 p.m. · 210 views

CVE-2025-0851 Path traversal issue in Deep Java Library

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations...

CVSS 9.8 · EPSS 0.4369
Exploits 0 · References 3

Vulnrichment
added 2025/01/29 9:19 p.m. · 2 views

CVE-2025-0851 Path traversal issue in Deep Java Library

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations...

CVSS 9.8 · AI score 6.8 · EPSS 0.4369
Exploits 0 · References 3

CVE
added 2025/01/29 9:19 p.m. · 285 views

CVE-2025-0851

CVE-2025-0851 affects Deep Java Library (DJL): the unzip (ZipUtils) and untar (TarUtils) extraction utilities contain a path traversal flaw that can cause artifacts to be written outside the intended destination when extracting archives. Affected versions are DJL 0.1.0 through 0.31.0; the issue i...

CVSS 9.8 · AI score 9.6 · EPSS 0.4369
Exploits 0 · References 3

Positive Technologies
added 2025/01/29 12:0 a.m. · 3 views

PT-2025-4075

Name of the Vulnerable Software and Affected Versions: Deep Java Library (DJL) versions 0.1.0 through 0.31.0. Description: A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations. This issue exists d...

CVSS 9.8 · AI score 7 · EPSS 0.4369
Exploits 0 · References 26

CNNVD
added 2025/01/29 12:0 a.m. · 2 views

Deep Java Library security vulnerability

Deep Java Library is an open source, high-level, engine-independent deep learning Java framework from Deep Java Library Open Source. A security vulnerability exists in Deep Java Library versions prior to 0.31.1, which stems from a path traversal issue in ZipUtils.unzip and TarUtils.untar that...

CVSS 9.8 · AI score 9 · EPSS 0.4369
Exploits 0 · References 3

GitLab Advisory Database
added 2025/01/29 12:0 a.m. · 12 views

Deep Java Library path traversal issue

Deep Java Library (DJL) is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library. DJL...

CVSS 9.8 · AI score 9.7 · EPSS 0.4369
Exploits 0 · References 7

OSV
added 2025/01/24 12:31 a.m. · 0 views

GHSA-W5HQ-HM5M-4548 Cross Site Scripting vulnerability in store2

Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component...

CVSS 6.1 · AI score 6.2 · EPSS 0.00586
Exploits 1 · References 4

CNNVD
added 2025/01/23 12:0 a.m. · 1 view

nbubna store cross-site scripting vulnerability

nbubna store is a library of methods by individual developer Nathan Bubna. A security vulnerability exists in nbubna store version v.2.14.2 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code via the store.deep.js component...

CVSS 6.1 · AI score 7.7 · EPSS 0.00586
Exploits 1 · References 2

OSV
added 2025/01/14 7:36 p.m. · 1 view

CVE-2024-55921 Cross-Site Request Forgery in Extension Manager Module in TYPO3

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstrea...

CVSS 7.5 · AI score 7.6 · EPSS 0.0388
Exploits 0 · References 4