11 matches found
pyLoad Security Vulnerability
pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev97 contained security vulnerabilities. These vulnerabilities stemmed from the use of incorrect option names in the ADMINONLYCOREOPTIONS authorization set within the setconfigvalue function. As a...
EUVD-2026-19360
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config admin.go, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication,...
Incorrect Implementation of Authentication Algorithm
Overview: Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm because the authentication and issue-key path restrictions are not properly enforced. An attacker can impersonate another user and send authenticated GET and POST requests to the Jira...
EUVD-2007-2869
Malware in sbrugna...
UBUNTU-CVE-2025-22241
File contents overwrite: the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
Node.js third-party modules: [keyd] Prototype pollution
I would like to report a prototype pollution vulnerability in keyd module. It allows an attacker to inject properties on Object.prototype. Module module name: keyd version: 1.3.4 npm page: https://www.npmjs.com/package/keyd Module Description A small library for using and manipulating key paths i...
CVE-2017-8442
Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as part of an authentication realm. This could allow an authenticated...
CVE-2007-2877
Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths...
Buffer overflow
Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths...
CVE-2007-2877
Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths...
PT-2007-4179 · Tcl +1 · Tcltk +1
Name of the Vulnerable Software and Affected Versions: Tcl/Tk versions prior to 8.5a6 Description: A buffer overflow issue exists, allowing local users to gain privileges through long registry key paths. Recommendations: For versions prior to 8.5a6, update to version 8.5a6 or later to resolve the...