thymeleaf 安全漏洞

Thymeleaf is an open-source Java template engine developed by Thymeleaf projects. Versions of Thymeleaf 3.1.3.RELEASE and earlier contain security vulnerabilities. These vulnerabilities stem from a security bypass in the expression execution mechanism; certain syntax patterns are not properly...

CVE-2025-15453

Milvus up to 2.6.7 is affected in the HTTP Endpoint component: the expr.Exec in pkg/util/expr/expr.go can deserialize crafted input, enabling remote code execution. Public exploit exists; remote exploitation may occur with a crafted code parameter sent to /expr, as noted by multiple sources. Reme...

CVE-2025-15453 milvus HTTP Endpoint expr.go expr.Exec deserialization

A security vulnerability has been detected in milvus up to 2.6.7. This vulnerability affects the function expr.Exec of the file pkg/util/expr/expr.go of the component HTTP Endpoint. The manipulation of the argument code leads to deserialization. Remote exploitation of the attack is possible. The...

milvus 代码问题漏洞

milvus is a high-performance cloud-native vector database open-sourced by The Milvus Project. A code issue vulnerability exists in milvus version 2.6.7 and earlier, which stems from the incorrect manipulation of the parameter code of the function expr.Exec in the file pkg/util/expr/expr.go of the...

EUVD-2024-2917

Malicious code in bioql PyPI...

Unspecified vulnerability in Lunary (CNVD-2025-06939)

Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary version be54057 that stems from allowing users to upload and execute arbitrary regular expressions, which can be exploited by an attacker to potentially cause a denial of service...

SUSE CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...

PT-2022-1455 · Pypi +9 · Pillow +9

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 9.0.1 Description: The issue allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used, potentially enabling a remote attacker to execute arbitrar...

Apache Archiva 1.2.x <= 1.2.2 / 1.3.x <= 1.3.6 Multiple Vulnerabilities

According to its self-reported version, the instance of Apache Archiva hosted on the remote web server is 1.2.x prior than or equal to 1.2.2 or 1.3.x prior than or equal to 1.3.6 and thus is affected by the following vulnerabilities : - An input validation error exists related to unspecified...

I and expression of the day and is Day-vulnerability warning-the black bar safety net

When you first use the expression the way toxss, you definitely dumbfounded, and kept the bomb box, can't close the browser, eventually you can only sacrifice the task Manager the process ends. Maybe your Other TAB pages are filled to the half has not yet submitted the form, you will be expressio...