105 matches found
编号撤回
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux in the United States. This CVE number has been withdrawn...
CVE-2024-42346
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All...
CVE-2024-56137
CVE-2024-56137 affects MaxKB (open source knowledge-base Q&A with LLM and RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the function library module, allowing privileged users to execute OS commands within custom scripts. The issue has been fixed in v1.9.0. Curre...
Ruifang-tech Rebuild 代码注入漏洞
Ruifang-tech Rebuild is a zero-code, open-source and free enterprise management system from China Ruifang Ruifang-tech. A code injection vulnerability exists in Ruifang-tech Rebuild version 3.8.6, which stems from a misuse of the parameter description that can lead to cross-site scripting...
Unspecified vulnerability in Linux kernel (CNVD-2024-46419)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from faulty block size validation in the sctpsfootb function. No details of the vulnerability are provided at thi...
编号撤回
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux in the United States. This CVE number has been withdrawn...
itsourcecode Online Tours and Travels Management System 安全漏洞
itsourcecode Online Tours and Travels Management System is itsourcecode open source an online travel management system . A security vulnerability exists in itsourcecode Online Tours and Travels Management System v1.0, which originates from a SQL injection vulnerability in the val-email parameter ...
CVE-2024-42351 Possible Data Tampering & Loss of Public Datasets in Galaxy
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the contents of public datasets resulting in data loss or tampering. All supported branches of Galaxy and...
Hertzbeat 安全漏洞
Hertzbeat is an open source real-time monitoring system from the dromara organization. A security vulnerability exists in Hertzbeat prior to version 1.6.0 that stems from an insecure deserialization issue in the /api/monitors/import location that could lead to remote code execution...
Unspecified Vulnerability in ChurchCRM (CNVD-2024-35648)
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 5.5.0 that stems from a time-based SQL blind injection vulnerability in the CurrentFundraiser GET parameter of the FRCatalog.php page. No details of the vulnerability are provided at this tim...
Number withdrawn
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux in the United States. This CVE number has been withdrawn...
ECShop SQL Injection Vulnerability (CNVD-2024-26111)
ShopeX ECShop is an open source mall system of the Chinese business school ShopeX company . Support PC + H5 + APP + small program mall, source code free download experience, suitable for enterprise development and build mall. ECShop SQL injection vulnerability , the vulnerability stems from...
Number withdrawn
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux in the United States. This CVE number has been withdrawn...
Number withdrawn
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux in the United States. This CVE number has been withdrawn...
CRMEB Path Traversal Vulnerability
Zhongbang CRMEB is an open source e-commerce management system from Xi'an Zhongbang Networks Zhongbang. CRMEB 5.2.2 version of the path traversal vulnerability , the vulnerability stems from the file /adminapi/system/crud save/delete function has a path traversal vulnerability...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code issue vulnerability that can be exploited by an attacker to cause a local privilege escalation without the need for additional execute privileges...
Apache Fineract Server Request Forgery Vulnerability
Apache Fineract is an open source system for platformizing core banking systems. A reliable, robust and affordable financial services solution for entrepreneurs, financial institutions and service providers. A server-side request forgery vulnerability exists in Apache Fineract versions 1.4 throug...
CVE-2023-27472
quickentity-editor-next is an open source, system local, video game asset editor. In affected versions HTML tags in entity names are not sanitised XSS vulnerability. Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag ...
maccms10 代码问题漏洞
maccms10 is magicblack open source PHP+MYSQL environment using a set of perfect and powerful rapid site building system . maccms10 2021.1000.2000 version of the code problematic vulnerability , the vulnerability stems from its allows attackers to achieve server-side request forgery...
ctrlo lenio 安全漏洞
lenio is an open source facility management system from ctrlo. A security vulnerability exists in ctrlo lenio, which stems from some unknown functions in its views/contractor.tt file that operate on the parameter contractor.name allowing an attacker to implement cross-site scripting...