Altium 365 访问控制错误漏洞

Altium 365 is a product design and development platform provided by the American company Altium. Altium 365 has a security vulnerability related to access control, which stems from the lack of authentication. This vulnerability could allow unauthenticated attackers to read, inject, modify, or...

CVE-2026-5003 PromtEngineer localGPT Web api_server.py handle_index information disclosure

A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This affects the function handleindex of the file ragsystem/apiserver.py of the component Web Interface. Performing a manipulation results in information disclosure. It is possible to initiate the...

PT-2026-27439

SQL injection in Solicitante::resetaSenha in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php...

📄 Control Web Panel 0.9.8.1208 Remote Code Execution

Control Web Panel CWP versions less than or equal to 0.9.8.1208 are vulnerable to unauthenticated OS command injection. User input passed via the "key" GET parameter to /admin/index.php when the "api" parameter is set is not properly sanitized before being used to execute OS commands. This can be...

aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +37 more potentially affected by CVE-2024-58339 via llama-index (>=0.10.0 <=0.12.22)

llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.1.0, =0.2.0 and more Source cves: CVE-2024-58339 Source advisory: OSV:PYSEC-2026-86...

CVE-2021-22333

There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions...

CVE-2025-15221

CVE-2025-15221 affects SohuTV CacheCloud up to version 3.2.0. The flaw resides in the index function of AppDataMigrateController.java (src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java), enabling cross-site scripting. Remote exploitation is possible, and an exploit has bee...

CVE-2025-15221 SohuTV CacheCloud AppDataMigrateController.java index cross site scripting

A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit ha...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-43858)

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVE-2025-7707 World-Writable NLTK Cache Directory Vulnerability in run-llama/llama_index

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

EUVD-2008-1687

Malware in sbrugna...

EUVD-2021-22143

Malware in sbrugna...

EUVD-2019-14815

Malware in sbrugna...

EUVD-2014-0256

Malware in sbrugna...

EUVD-2013-1104

Malware in sbrugna...

EUVD-2015-7368

Malware in sbrugna...

EUVD-2008-0496

Malware in sbrugna...

EUVD-2022-48987

Malicious code in bioql PyPI...

EUVD-2025-16964

Malicious code in bioql PyPI...

EUVD-2025-26468

Malicious code in bioql PyPI...