14 matches found
ImageMagick 资源管理错误漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 6.9.13-50 and 7.1.2-25 contained a resource management vulnerability. This vulnerability stemmed from...
AutoGPT 安全漏洞
AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. Versions of AutoGPT prior to 0.6.59 contained a security vulnerability. This vulnerability stemmed from the POST /api/blocks/blockid/execute endpoint, which allowed unlimited free execution...
CVE-2026-32238
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient...
Soft Serve 安全漏洞
Soft Serve is a self-hostable command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.10.0, which stems from not removing ANSI escape sequences and not cleaning up git messages, which could lead to a fake alert attack...
WordPress plugin Bot Block – Stop Spam Referrals in Google Analytics 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blogs on PHP and MySQL based...
Linux Distros Unpatched Vulnerability : CVE-2020-2929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to...
FreeBSD : Apache httpd -- evaluation always true (fb08d146-752a-11f0-952c-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fb08d146-752a-11f0-952c-8447094a420f advisory. The Apache httpd project reports: 'RewriteCond expr' always evaluates to true in 2.4.64. Tenable has...
SCONE Confidential Computing Platform Security Vulnerability
SCONE Confidential Computing Platform is an open source platform for implementing confidential computing from SCONE, Germany. A security vulnerability exists in SCONE Confidential Computing Platform versions prior to v5.8.0, which stems from incorrect initialization of the x87 and SSE...
PT-2023-24675 · Unknown · Fast-Xml-Parser
Name of the Vulnerable Software and Affected Versions: fast-xml-parser versions prior to 4.2.4 Description: The issue allows special characters in entity names, which are not escaped or sanitized. This can be abused for denial of service DoS attacks by crafting an entity name that results in an...
3CX 安全漏洞
3CX is a software open standards-based IP PBX an IP-based corporate phone system that provides complete unified communications. A security vulnerability exists in 3CX version 18.12.416 and earlier, which stems from the inclusion of embedded malicious code...
DLS 路径遍历漏洞
DLS is a GUI-based deep learning platform open-sourced by SummaLabs. DLS version 0.1.0 and previous versions have a security vulnerability , the vulnerability stems from Flask sendfile function call incorrectly leads to absolute path traversal...
UBUNTU-CVE-2021-30130
phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS1 v1.5 signature verification...
UBUNTU-CVE-2018-16843
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngxhttpv2module not compiled by default if the 'http2' option of the 'listen' directive is used in a configuratio...
net-snmp: snmpd crashes/hangs when AgentX subagent times-out
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service crash or infinite loop, CPU consumption, and hang by causing the AgentX subagent to timeout...