Microsoft Office 代码问题漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A code issue vulnerability exists in Microsoft Office. An attacker exploiting this...

omni 信息泄露漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. An information disclosure vulnerability exists in omni versions prior to 1.1.5 and prior to 1.0.2, which stems from an API that may disclose sensitive information...

Omni 安全漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. A security vulnerability exists in Omni versions prior to 1.1.5 and prior to 1.0.2, which stems from the isSensitiveSpec function not checking if the metadata field of resource is null, which could lead to null pointer...

extloader

extLoader A small toolkit for managing and deploying unpacked...

executorch 安全漏洞

executorch is a PyTorch deployment tool from pytorch open source. A security vulnerability exists in executorch that stems from a heap buffer overflow when loading ExecuTorch methods, which could lead to code execution...

ROS-20250424-12

A vulnerability in the eval function of the Cloud Deployment and Query Tool modules of the database management tool pgAdmin 4 is related to incorrect code generation control when processing endpoints /sqleditor/querytool/download and /cloud/deploy with querycommitted and highavailability...

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from a cookie using the wrong expiration time...

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

Design/Logic Flaw

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to a Cross‑Site Scripting (XSS) vulnerability in the Deployment tool (Add Agent/Proxy). The issue affects Nagios XI deployments prior to 5.7.5 and is described across multiple sources (CVE-2020-27990; CNVD-2020-63972). Root cause and exact exploit details are ...

wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)

It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution...

ceph-deploy admin command copies keyring file to /etc/ceph which is world readable

It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...

Language Accessory Pack for Microsoft 365

Language Accessory Pack for Microsoft 365 Language packs add additional display, help, and proofing tools to Microsoft 365. You can install additional language accessory packs after installing Microsoft 365. If a language accessory pack is described as having partial localization, some parts of...

Multiple HP Ignite-UX deployment tool vulnerabilities

/etc/passwd copy is available via TFTP, TFTP filesystem is world writable...