223 matches found
PT-2026-23488
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.2 Description Gogs, a self-hosted Git service, is affected by a DOM-Based Cross-Site Scripting XSS issue. An attacker can inject an HTML/JavaScript payload into a repository’s Milestone name. When another user selec...
GHSA-M86R-WR74-693H AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability
A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...
CVE-2023-40816
OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field...
CVE-2019-12429
An issue was discovered in GitLab Community and Enterprise Edition 11.9 through 11.11. Unprivileged users were able to access labels, status and merge request counts of confidential issues via the milestone details page. It has Improper Access Control...
PT-2026-1508
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.20 GitHub Enterprise Server versions 3.14.20 GitHub Enterprise Server versions 3.15.15 GitHub Enterprise Server versions 3.16.11 GitHub Enterprise Server versions 3.17.8 GitHub Enterprise Server...
CVE-2025-0836
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...
CVE-2025-0836
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...
CVE-2025-0836 XProtect MIP API Missing Authorization
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...
CVE-2025-0836 XProtect MIP API Missing Authorization
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...
CVE-2025-0836
CVE-2025-0836 – Milestone XProtect VMS is described as a Missing Authorization vulnerability where users with read-only access to the Management Server can obtain full read/write access to the MIP Webhooks API. The issue is documented across multiple feeds (NVD, Red Hat, ENISA EUVD, CVE and vendo...
Milestone Systems XProtect VMS 安全漏洞
Milestone Systems XProtect VMS is a video management software from Milestone Systems, USA. A security vulnerability exists in Milestone Systems XProtect VMS that stems from an authorization gap that could result in a read-only user gaining full read and write access to the MIP Webhooks API...
PT-2025-51471
Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API...
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits
With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million...
EUVD-2018-6513
Malware in sbrugna...
EUVD-2018-11185
Malware in sbrugna...
EUVD-2018-19603
Malware in sbrugna...
EUVD-2020-5543
Malware in sbrugna...
EUVD-2025-26642
Malicious code in bioql PyPI...
EUVD-2023-3017
Malicious code in bioql PyPI...
EUVD-2024-50965
Malicious code in bioql PyPI...