PT-2026-38653

Name of the Vulnerable Software and Affected Versions SourceCodester SUP Online Shopping version 1.0 Description An issue exists in the file '/admin/message.php' where the manipulation of the seenid argument allows for SQL injection, a technique used to interfere with the queries that an...

EUVD-2026-25774

A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...

Langflow 安全漏洞

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow 1.8.3 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the file...

CVE-2025-64712 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitra...

Unstructured 安全漏洞

Unstructured is an open-source preprocessing tool for unstructured data developed by Unstructured. Versions of Unstructured prior to 0.18.18 contained a security vulnerability due to a path traversal vulnerability in the partitionmsg function. This vulnerability could allow arbitrary files to be...

CVE-1999-0879

Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file...

Directory Traversal

Overview unstructured is an A library that prepares raw documents for downstream ML tasks. Affected versions of this package are vulnerable to Directory Traversal via the partitionmsg function’s handling of attachment filenames in email MSG files. An attacker can exploit this vulnerability by...

HDF5 H5Omessage.c H5O_msg_flush heap-based overflow

...

EulerOS 2.0 SP11 : grub2 (EulerOS-SA-2025-1954)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers...

code-projects Public Chat Room 注入漏洞

Code-Projects Public Chat Room is an open source public chat room software from Code-Projects. An injection vulnerability exists in code-projects Public Chat Room version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file sendmessage.php...

PT-2024-35238 · Campcodes · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue affects the processing of the file /view/unread msg.php, where the manipulation of the my index argument leads to SQL injection. This issue can be...

CVE-2024-0189

A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teachermessage.php of the component Create Message Handler. The manipulation of the argument Content with the input alertx leads to cross...

RRJ Nueva Ecija Engineer Online Portal Cross-Site Scripting Vulnerability

RRJ Nueva Ecija Engineer Online Portal is an online portal for engineers from RRJ Nueva Ecija. A cross-site scripting vulnerability exists in RRJ Nueva Ecija Engineer Online Portal version 1.0, which stems from the parameter Content in the file teachermessage.php that leads to cross-site scriptin...

PT-2023-32002 · Unknown +1 · Sourcecodester Engineers Online Portal +1

Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: A critical issue has been found in the file remove inbox message.php, where the manipulation of the id argument leads to SQL injection. This can be initiated remotely. The issue...

PT-2023-24436 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.2 Description: A use-after-free issue exists due to improper data tracing. This can be triggered by calling the function nni mqtt msg get publish property in the file mqtt msg.c, potentially allowing an attacker to cause a...

PT-2023-24437 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.2 Description: A heap buffer overflow issue exists, which can be triggered by calling the function nni msg get pub pid in the file message.c. This can lead to a denial of service attack. Recommendations: For NanoMQ version...

SUSE CVE-2017-6418

libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted e-mail message...

SUSE CVE-2018-9274

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failuremessage.c has a memory leak...

[SECURITY] Fedora 36 Update: golang-github-nicksnyder-i18n-2-2.1.2-5.fc36

go-i18n is a Go package and a command that helps you translate Go programs in to multiple languages. - Supports pluralized strings for all 200+ languages in the Unicode Common Locale Data Repository CLDR. - Code and tests are automatically generated from CLDR data. - Supports strings with named...

Google protobuf 代码问题漏洞

Google protobuf is a data interchange format from Google, Inc. A code issue vulnerability exists in Google protobuf that stems from Nullptr dereferencing when null characters are present in the original symbol. The symbols are parsed incorrectly, resulting in an unchecked call to the name of the...