11 matches found
Remote Code Execution (RCE)
n8n is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient isolation in the workflow expression evaluation system, which allows an authenticated attacker to supply crafted expressions that are executed in the runtime context, enabling arbitrary code execution with th...
n8n 安全漏洞
n8n is a scalable workflow automation tool from n8n open source. A security vulnerability exists in n8n versions 0.211.0 through 1.120.4, 1.121.1, and prior to 1.122.0, which stems from insufficient isolation of the Workflow Expression Evaluation System, and could lead to remote code execution...
happy-dom 安全漏洞
happy-dom is a JavaScript implementation of a web browser without a graphical user interface by the individual developer David Ortner. A security vulnerability exists in happy-dom prior to version 20.0.2, which stems from insufficient isolation and could lead to prototype pollution attacks and...
EUVD-2025-17467
Malicious code in bioql PyPI...
CVE-2025-49131
The CVE-2025-49131 affects FastGPT’s sandbox container (fastgpt-sandbox) prior to 4.9.11. The issue is insufficient isolation and overly permissive syscalls that allow bypassing Python import restrictions, enabling reads/writes of arbitrary files and potential sandbox escape. A PoC exploit exists...
CVE-2019-13268
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To use this leakage ...
Insufficient Isolation of System-Dependent Functions
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Insufficient Isolation of System-Dependent Functions due to improper access control on the /api/v1/prompts/ and /api/v1/prompts/command/commandid interfaces. An attacker can view and retrieve prompt informati...
Mail.ru: Blind SSRF on sentry.dev-my.com due to Sentry misconfiguration
Insufficient isolation of Sentry installation could potentially lead to blind SSRF...
FreeBSD : chromium -- multiple vulnerabilities (8e986b2b-1baa-11e8-a944-54ee754af08e)
Google Chrome Releases reports : Several security fixes in this release, including : - 780450 High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - 787103 High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu @shhnjk on 2017-11-20 - 793620...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: Several security fixes in this release, including: 780450 High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 787103 High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu @shhnjk on 2017-11-20 793620 High...