1514 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: glibc: compat-libpthread-nonshared-2.42-12.hum1 aarch64, x8664 glibc-2.42-12.hum1 aarch64, x8664 glibc-all-langpacks-2.42-12.hum1 aarch64, x8664 glibc-benchtests-2.42-12.hum1 aarch64, x8664...
EUVD-2026-26245
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc.This issue affects helpy: 2.8.0...
CVE-2026-40230
CVE-2026-40230 (Helpy 2.8.0) : A stored cross-site scripting vulnerability exists in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc. This is tied to Helpy ve...
CVE-2026-7314
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...
CVE-2026-7314 eiceblue spire-doc-mcp-server base.py get_doc_path path traversal
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...
CVE-2026-7314 eiceblue spire-doc-mcp-server base.py get_doc_path path traversal
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...
CVE-2026-7314
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...
EUVD-2026-26151
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...
CVE-2026-7314
The CVE-2026-7314 vulnerability affects eiceblue spire-doc-mcp-server 1.0.0. It targets the function get_doc_path in src/spire_doc_mcp/api/base.py, where manipulating the document_name argument enables path traversal. The issue can be exploited remotely; the public exploit is available, and the p...
Spire.Doc MCP Server 路径遍历漏洞
Spire.Doc MCP Server is a tool provided by E-iceblue Product Family for individual developers, allowing them to work with Word documents without using Microsoft Word. Version 1.0.0 of Spire.Doc MCP Server contains a path traversal vulnerability. This vulnerability arises from the operation of the...
Spire.Doc MCP Server 路径遍历漏洞
Spire.Doc MCP Server is a tool provided by E-iceblue Product Family for individual developers, allowing them to work with Word documents without the need for Microsoft Word. Version 0.1.1 of Spire.Doc MCP Server contains a path traversal vulnerability. This vulnerability stems from the getpdfpath...
PT-2026-35827
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get doc path of the file src/spire doc mcp/api/base.py. Performing a manipulation of the argument document name results in path traversal. The attack can be initiated remotely. The exploit is now public...
PT-2026-34182
A vulnerability was identified in Sanluan PublicCMS up to 6.202506.d. Affected by this vulnerability is the function ZipSecureFile.setMinflateRatio of the file common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java. Such manipulation leads to resource consumption. It is possible to...
OPENSUSE-SU-2026:10596-1 python-lxml-doc-6.1.0-1.1 on GA media
These are all security issues fixed in the python-lxml-doc-6.1.0-1.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in npm-doc-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8ae6448e13630c5243e98e1794e9b2f57b0e999d4c31687f0db0f1665496f9 The package npm-doc-deploy was found to contain malicious code. Source: ghsa-malware f7938c30cf6da645723648c4c43979c97d7c006933fb24ccab60154f1cc5d084...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: valkey: valkey-9.0.3-1.2.hum1 aarch64, x8664 valkey-compat-redis-9.0.3-1.2.hum1 noarch valkey-compat-redis-devel-9.0.3-1.2.hum1 noarch valkey-devel-9.0.3-1.2.hum1 aarch64, x8664...
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
CVE-2025-69627
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: uriparser: mingw32-uriparser-1.0.0-2.1.hum1 noarch mingw64-uriparser-1.0.0-2.1.hum1 noarch uriparser-1.0.0-2.1.hum1 aarch64, x8664 uriparser-devel-1.0.0-2.1.hum1 aarch64, x8664...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: glib2: glib2-2.88.0-1.1.hum1 aarch64, x8664 glib2-devel-2.88.0-1.1.hum1 aarch64, x8664 glib2-doc-2.88.0-1.1.hum1 aarch64, x8664 glib2-static-2.88.0-1.1.hum1 aarch64, x8664...