46 matches found

ATTACKERKB
added 2026/02/22 10:32 a.m., 3 views

CVE-2026-2943

A vulnerability was identified in SapneshNaik Student Management System up to f4b4f0928f0b5551a28ee81ae7e7fe47d9345318. This impacts an unknown function of the file index.php. Such manipulation of the argument Error leads to cross site scripting. The attack can be launched remotely. The exploit i...

CVSS 5.3 | AI score 3.5 | EPSS 0.00042
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-2179

Malware in sbrugna...

CVSS 8.8 | AI score 6.7 | EPSS 0.00654
Exploits: 0 | References: 12

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2005-3221

Malware in sbrugna...

CVSS 5.1 | AI score 6.4 | EPSS 0.00302
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-2143

Malware in sbrugna...

CVSS 8.8 | AI score 5.9 | EPSS 0.00482
Exploits: 0 | References: 12

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2011-3681

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.00283
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2021-3254

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.6 | EPSS 0.00055
Exploits: 0 | References: 1

OSV
added 2025/09/10 7:50 p.m., 3 views

GHSA-MJQP-26HC-GRXG Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check

Summary: Picklescan's ability to scan ZIP archives for malicious pickle files is compromised when the archive contains a file with a bad Cyclic Redundancy Check (CRC). Instead of attempting to scan the files within the archive, whatever the CRC is, Picklescan fails in error and returns no results...

CVSS 9.3 | AI score 7.1 | EPSS 0.01284
Exploits: 1 | References: 7

CNNVD
added 2025/06/19 12:00 a.m., 1 view

jq resource management error vulnerability

jq is a lightweight and flexible command-line JSON processor from the jqlang open-source project. A resource management error vulnerability exists in jq version 1.8.0, which stems from a use-after-free issue in the function fstrflocaltime in the file /src/builtin.c. The vulnerability is caused by the use...

CVSS 6.9 | AI score 6.6 | EPSS 0.00385
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/22 9:58 a.m., 4 views

CVE-2011-3792

Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functionsfeeds.php and certain other files...

CVSS 5 | AI score 6.5 | EPSS 0.00283
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 9:58 a.m., 6 views

CVE-2011-3700

Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopiclang.php...

CVSS 5 | AI score 6.5 | EPSS 0.00283
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 4:32 a.m., 9 views

CVE-2011-3800

Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files...

CVSS 5 | AI score 6.5 | EPSS 0.00283
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:29 a.m., 4 views

CVE-2011-3751

LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php...

CVSS 5 | AI score 6.5 | EPSS 0.00283
Exploits: 1 | References: 1

NVD
added 2025/04/19 9:15 p.m., 19 views

CVE-2022-47112

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...

CVSS 3.3 | EPSS 0.00087
Exploits: 1 | References: 1

Vulnrichment
added 2025/03/23 2:15 p.m., 6 views

CVE-2025-30474 Apache Commons VFS: Failing to find an FTP file can reveal the URI's password in an error message

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password. The fix is to mask the password in the exception messag...

AI score 7.2 | EPSS 0.00109
Exploits: 0 | References: 2

OSV
added 2025/03/10 12:30 p.m., 3 views

GHSA-W6MR-MJ53-X258 Duplicate Advisory: Zip Exploit Crashes Picklescan But Not PyTorch

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-7q5r-7gvp-wc82. This link is maintained to preserve external references. Original Description: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting t...

CVSS 5.3 | AI score 6.4 | EPSS 0.00144
Exploits: 1 | References: 4

Citrix
added 2025/03/04 12:00 a.m., 17 views

uberAgent service stops after a few seconds

Windows' Services console shows that uberAgent service is not running. When manually started, the service starts and stops after a few seconds. uberAgent log file located in C:\Windows\Temp default location shows the issue with network driver startup. Example: 2025-03-01 17:28:33.013 +0200,INFO...

AI score 7
Exploits: 0

Rockylinux
added 2024/12/19 4:17 a.m., 10 views

unzip bug fix update

An update is available for unzip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The unzip utility is used to list, test, and extract files from zip archives. B...

AI score 7.2
Exploits: 0

Citrix
added 2024/11/07 12:00 a.m., 4 views

Fail to open the recorded session file using the old version Session Recording Player

"The recorded session file requires a newer version of the Session Recording Player for playback" error message was shown when opening the recorded session file. The error message was shown as below...

AI score 7.2
Exploits: 0

OSV
added 2024/09/08 8:15 a.m., 2 views

CVE-2024-8571

A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...

CVSS 5.3 | AI score 4.8
Exploits: 0 | References: 4

UbuntuCve
added 2024/07/30 8:15 a.m., 14 views

CVE-2024-42138

In the Linux kernel, the following vulnerability has been resolved: mlxsw: corelinecards: Fix double memory deallocation in case of invalid INI file. In case of invalid INI file mlxswlinecardtypesinit deallocates memory but doesn't reset pointer to NULL and returns 0. In case of any error occurred...

CVSS 7.8 | AI score 6.4 | EPSS 0.00016
Exploits: 0 | References: 16