90 matches found
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Swish-e vulnerabilities (USN-8240-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8240-1 advisory. It was discovered that Expat, vendored in Swish-e incorrectly handled certain files. An...
Incus 代码问题漏洞
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained code vulnerabilities due to lack of error handling. These vulnerabilities could allow authenticated users to cause the daemon process to crash by importing truncated backup files...
ROS-20260506-73-0026
Vulnerability in tomcat11 related to flaws in http request handling. Exploitation of the vulnerability may allow a remote attacker to send a hidden http request http request smuggling attack...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from operations on the file...
API Lab MCP 代码问题漏洞
API Lab MCP is an AI-driven API testing laboratory developed by YoungEun Lee. It supports natural language interaction and automatic documentation generation. Versions of API Lab MCP prior to 0.2.1 contained code vulnerabilities. These vulnerabilities were caused by incorrect parameter handling i...
MediaWiki - ProofreadPage Extension 安全漏洞
MediaWiki - ProofreadPage Extension is an open-source documentation comparison plugin for MediaWiki. The MediaWiki - ProofreadPage Extension has a security vulnerability, which stems from improper input during page generation. This vulnerability may lead to cross-site scripting attacks targeting...
GPT Researcher 代码问题漏洞
GPT Researcher is an AI-based deep research agent tool developed by Assaf Elovic as a personal development tool. Versions of GPT Researcher 3.4.3 and earlier have code vulnerabilities related to improper handling of parameters in the ws Endpoint component, which may lead to server-side request...
SourceCodester Online Quiz System 安全漏洞
The SourceCodester Online Quiz System is an open-source online Q&A system developed by SourceCodester. Versions of the SourceCodester Online Quiz System prior to 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of parameters in the file...
itsourcecode Free Hotel Reservation System 代码问题漏洞
itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has code-related vulnerabilities; these vulnerabilities stem from incorrect handling of parameters in the file admin/modamenities/index.php?view=add, which ma...
WordPress plugin LambertGroup - AllInOne - Banner with Thumbnails 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
USN-8054-1 djvulibre vulnerabilities
It was discovered that DjVuLibre could be forced to execute a division by zero in certain instances. A remote attacker could possibly use this issue to cause applications to stop responding or crash, resulting in a denial of service. CVE-2021-46312 It was discovered that DjVuLibre incorrectly...
CVE-2025-68843
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bas Schuiling FeedWordPress Advanced Filters faf allows Reflected XSS.This issue affects FeedWordPress Advanced Filters: from n/a through = 0.6.2...
Fedora 43 : chromium (2026-443f9ace49)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-443f9ace49 advisory. Update to 145.0.7632.75 CVE-2026-2441: Use after free in CSS CVE-2026-2313: Use after free in CSS CVE-2026-2314: Heap buffer overflow in Codecs...
Xerox CentreWare 安全漏洞
Xerox CentreWare is a network management software developed by the American company Xerox. Versions of Xerox CentreWare 7.0.6 and earlier contained security vulnerabilities, which were caused by improper input handling. These vulnerabilities could lead to stored-xss attacks...
Wikimedia VisualEditor 安全漏洞
Wikimedia VisualEditor is a visual editor developed by the Wikimedia Foundation. Versions of Wikimedia VisualEditor prior to 1.39.14, 1.43.4, and 1.44.1 contained security vulnerabilities due to improper input handling, which could lead to cross-site scripting attacks...
SAMSUNG Modem Exynos 安全漏洞
Samsung Modem Exynos is a series of modem chips developed by South Korea’s Samsung Corporation. The Samsung Modem Exynos 2025-08-29 and earlier versions have security vulnerabilities. These vulnerabilities stem from improper handling of NAS registration messages, which may lead to denial-of-servi...
MediaWiki 安全漏洞
MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.15, 1.43.5, and 1.44.2 contain security vulnerabilities...
ROS-20260113-7322
A vulnerability in the net/mac80211 component of the Linux operating system kernel is related to flaws in exceptional state handling. Exploitation of the vulnerability could allow an attacker to cause a denial of service...