7663 matches found

Positive Technologies
added 2025/10/09 12:0 a.m., 1 view

PT-2025-41449

Name of the Vulnerable Software and Affected Versions: pyLoad versions prior to 0.5.0b3.dev91. Description: pyLoad is a free and open-source download manager written in Python. Versions prior to 0.5.0b3.dev91 have insufficient input validation in the web interface, specifically in the Captcha script...

CVSS 8.1, AI score 6.9, EPSS 0.00067
Exploits 0, References 8
CNNVD
added 2025/10/09 12:0 a.m., 1 view

pyLoad Security Vulnerability

pyLoad is a free and open source download manager written in Python by pyLoad Open Source. A security vulnerability exists in pyLoad versions prior to 0.5.0b3.dev91, which stems from insufficient input validation in the Captcha script endpoint and Click N Load Blueprint, and could lead to...

CVSS 8.1, AI score 5.8, EPSS 0.00067
Exploits 0, References 4
RedHat Linux
added 2025/10/08 7:24 p.m., 6 views

Important: Red Hat Security Advisory: Satellite 6.16.5.4 Async Update

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.8, AI score 7.5, EPSS 0.01645
Exploits 5, References 8
EUVD
added 2025/10/08 4:2 a.m., 1 view

EUVD-2025-31847

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes SQL injection. The attack is possible to be carried out remotely. The exploit has been...

CVSS 6.5, AI score 6.3, EPSS 0.00043
Exploits 1, References 7
Tenable Nessus
added 2025/10/08 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Don't free memory if ACPI table was loaded successfully. Amadeusz reports KASAN...

CVSS 7.8, AI score 5.8, EPSS 0.00021
Exploits 0, References 3
Tenable Nessus
added 2025/10/08 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak in load_elf_binary. There is a memory leak reported by kmemleak:...

CVSS 5.5, AI score 5.8, EPSS 0.00018
Exploits 0, References 3
Tenable Nessus
added 2025/10/08 12:0 a.m., 4 views

RHEL 8 / 9 : Satellite 6.16.5.4 Async Update (Important) (RHSA-2025:17613)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17613 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessi...

CVSS 9.8, AI score 8.4, EPSS 0.01645
Exploits 5, References 12
Snyk
added 2025/10/07 10:14 p.m., 2 views

Server-side Request Forgery (SSRF)

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the load_from_url and load_from_url_async methods of the MediaConnector class, which fetch and process media from...

CVSS 8.3, AI score 7.1, EPSS 0.00052
Exploits 0, References 3
OSV
added 2025/10/07 10:14 p.m., 2 views

GHSA-3F6C-7FW2-PPM4 vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class

Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows...

CVSS 7.1, AI score 6.5, EPSS 0.00052
Exploits 0, References 6
Github Security Blog
added 2025/10/07 10:14 p.m., 5 views

vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class

Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows...

CVSS 7.1, AI score 6.5, EPSS 0.00052
Exploits 0, References 6, Affected Software 1
RedhatCVE
added 2025/10/07 9:21 p.m., 3 views

CVE-2025-57781

The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...

CVSS 8.4, AI score 7.4, EPSS 0.00016
Exploits 0, References 1
NVD
added 2025/10/07 8:15 p.m., 3 views

CVE-2025-6242

A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an...

CVSS 7.1, EPSS 0.00052
Exploits 0, References 2
Vulnrichment
added 2025/10/07 7:45 p.m., 2 views

CVE-2025-6242 Vllm: server side request forgery (ssrf) in mediaconnector

A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an...

CVSS 7.1, AI score 6.7, EPSS 0.00052
Exploits 0, References 2
Cvelist
added 2025/10/07 7:45 p.m., 7 views

CVE-2025-6242 Vllm: server side request forgery (ssrf) in mediaconnector

A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an...

CVSS 7.1, EPSS 0.00052
Exploits 0, References 2
CVE
added 2025/10/07 7:45 p.m., 17 views

CVE-2025-6242

The CVE-2025-6242 SSRF vulnerability targets vLLM's MediaConnector (load_from_url/load_from_url_async) allowing user-supplied URLs to trigger server-side requests to internal resources. Concrete details: the issue arises from insufficient host restriction on mediaURL fetches, enabling potential a...

CVSS 7.1, AI score 6.7, EPSS 0.00052
Exploits 0, References 2
EUVD
added 2025/10/07 7:45 p.m., 2 views

EUVD-2025-32892

A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an...

CVSS 7.1, AI score 6.6, EPSS 0.00052
Exploits 0, References 2
EUVD
added 2025/10/07 3:19 p.m., 1 view

EUVD-2025-32800

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free. If nf_conntrack_init_start fails, for example due to a register_nf_conntrack_bpf failure, the nf_conntrack_helper_fini clean-up path frees the nf_ct_helper_hash map. When built with...

AI score 6, EPSS 0.0002
Exploits 0, References 9
EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-19506

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.00754
Exploits 0, References 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2009-3432

Malware in sbrugna...

CVSS 4.3, AI score 6.4, EPSS 0.00532
Exploits 0, References 7
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2003-0827

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.01039
Exploits 0, References 2