GestioIP - Reflected Cross-Site Scripting

GestioIP v3.5.7 contains a reflected cross-site scripting caused by unsanitized input in the ipdojob request, letting attackers execute scripts in the victim's browser, exploit requires specific user permissions. id: CVE-2024-50857 info: name: GestioIP - Reflected Cross-Site Scripting author:...

EUVD-2025-197656

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function dojob of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument webhookurl can lead to server-side request...

CVE-2025-13174

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function dojob of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument webhookurl can lead to server-side request...

PT-2022-37215 · Blosc2 · Blosc2

Name of the Vulnerable Software and Affected Versions: blosc2 affected versions not specified Description: The issue is related to a heap-buffer-overflow crash. Technical details about the crash include the do job function, blosc compress context, and blosc2 compress. Recommendations: At the...

PT-2022-37201 · Blosc2 · Blosc2

Name of the Vulnerable Software and Affected Versions: blosc2 affected versions not specified Description: The issue is related to a heap-buffer-overflow write error. Technical details about the crash include the do job function, blosc compress context, and blosc2 compress ctx. Recommendations: A...