10 matches found
Spring Cloud AWS data falsification vulnerability
Spring Cloud AWS is an open-source development framework from awspring, designed for integration with AWS cloud services within the Spring ecosystem. Versions 3.0.0 to 4.0.1 of Spring Cloud AWS contain a data manipulation vulnerability. This vulnerability stems from the lack of validation of the...
rauc data falsification vulnerability
RAUC is a security update controller for open-source embedded Linux systems developed by RAUC. Versions of RAUC prior to 1.15.2 had a data manipulation vulnerability. This vulnerability arises from using plaintext formats, and when a RAUC bundle with an effective payload size exceeding 2 GiB is...
CVE-2025-30410
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 39870, Acronis Cyber Protect 16 Linux, macOS, Windows before build 39938, Acronis Cyber Protect 15 Linux, macOS,...
OpenProject data falsification vulnerability
OpenProject is an open-source web-based project management software. In versions 17.0.0 to 17.0.2 of OpenProject, there was a data manipulation vulnerability. This vulnerability stemmed from the fact that the synchronization server did not correctly verify the backend URL, which could lead to the...
CVE-2025-8838
WinterChenS my-site (Backend Interface) is affected in the preHandle function for /admin/. The flaw arises from manipulating the uri argument, causing improper authentication. Exploitation is described as remote and publicly disclosed, with the real existence of the vulnerability doubted in some ...
CVE-1999-0758
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL...
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...
Issuetrak security vulnerability
Issuetrak is an issue tracking software from Issuetrak, Inc. A security vulnerability exists in Issuetrak version 17.1, which stems from the presence of a hidden field manipulation vulnerability, whereby when an authenticated user submits a work order, the request may be intercepted and...
DEBIAN-CVE-2017-6501
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference...
Moderate: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0, 6.0, and 7.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...