CVE-2025-61028

A flaw was found in the virtuoso-opensource component. An attacker could exploit this vulnerability by sending specially crafted SQL statements, leading to a Denial of Service DoS condition. This could make the affected system unavailable to legitimate users...

CVE-2025-61024

A flaw was found in virtuoso-opensource. An attacker could send specially crafted SQL Structured Query Language statements to a specific component, sqlotryinloop, leading to a Denial of Service DoS. This could make the service unavailable to legitimate users. Mitigation To reduce the attack...

CVE-2025-61022

A flaw was found in openlink virtuoso-opensource. This issue, specifically within the sqlotbcolpreds component, allows attackers to cause a Denial of Service DoS by sending specially crafted SQL statements. This can lead to the unavailability of the service...

EUVD-2025-210323

An issue in the sqlotryinloop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

EUVD-2025-210320

An issue in the tsetpush component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

EUVD-2025-210314

An issue in the sqlokeypartbest component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2025-61022

An issue in the sqlotbcolpreds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2025-61020

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2025-61028

The CVE-2025-61028 entry describes an issue in the time_t_to_dt component of openlink virtuoso-opensource prior to or in version 7.2.11, where crafted SQL statements can trigger a Denial of Service. The available connected documents identify affected software as Virtuoso Open-Source (v7.2.11) and...

CVE-2025-61029

An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

Perry 路径遍历漏洞

Perry is a tool developed by Perry OpenSource that compiles TypeScript into native executable files. Versions of Perry prior to 0.5.1159 contained a path traversal vulnerability. This vulnerability allows malicious attackers to write arbitrary content to any writable location within the running...

Plane 安全漏洞

Plane is an open-source, self-hosted project planning tool developed by Plane OpenSource. Versions of Plane prior to 1.3.1 contained a security vulnerability. This vulnerability stemmed from an oversight in asset authorization across workpaces, allowing any authenticated user to read, copy, delet...

MGB OpenSource Guestbook SQL注入漏洞

MGB OpenSource Guestbook is an open-source web-based message board system developed by MGB OpenSource. Version 0.7.0.2 of MGB OpenSource Guestbook has a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the id parameter, which may allow unauthenticated...

Cleanuparr 安全漏洞

Cleanuparr is an automated tool developed by Cleanuparr OpenSource, designed to clean up invalid files in the download queue. Versions of Cleanuparr prior to 2.9.10 contained security vulnerabilities. These vulnerabilities stemmed from the TrustedNetworkAuthenticationHandler.ResolveClientIp...

Astra Linux – Vulnerability in qtbase-opensource-src

Before Qt 6.4.3, a denial-of-service attack was possible due to a crafted string when using the SQL ODBC driver plugin, especially if the size of SQLTCHAR was 4. The affected versions include 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3...

Astra Linux – Vulnerability in qtbase-opensource-src

A issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...

Astra Linux – Vulnerability in qtimageformats-opensource-src

A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service DoS attack through a specially crafted MNG file...

OpenVPN OpenSource 安全漏洞

OpenVPN OpenSource is a virtual private network communication software developed by OpenVPN Inc., based on the SSL/TLS protocol. OpenVPN OpenSource has a security vulnerability; this vulnerability stems from bypassing access restrictions through the TLS handshake, potentially leading to the readi...

CVE-2026-41667

Technical details about CVE-2026-41667 are not provided in the supplied documents. The description notes an integer overflow in Samsung ONE’s constant tensor data size calculation affecting large constant nodes, with affected versions prior to commit 1.30.0; monitor for updates.

PT-2026-34261

CVE-2026-41667 Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is… https://t.co/Xi4APjqrso...