CVE-2025-15032

Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...

EUVD-2006-1551

Malware in sbrugna...

EUVD-2006-2454

Malware in sbrugna...

OPENSUSE-SU-2020:0021-1 Security update for dia

This update for dia fixes the following issue: - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2019:3391-1 Security update for dia

This update for dia fixes the following issue: - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194...

Dia Python插件使用不安全搜索路径漏洞

BUGTRAQ ID: 33448 CVECAN ID: CVE-2008-5984 Dia是开放源码的流程图软件。 Dia的Python插件使用了不可信任的搜索路径，在调用PySysSetArgv时Python向sys.path附加了空字符串。如果dia工作目录中的python文件名称与python脚本试图导入的文件名相同的话，就会导致在用户系统中执行任意代码。 GNOME Dia 0.96.1 厂商补丁： GNOME ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.mandriva.com/en/download/...

CVE-2008-5984

Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...