Uncontrolled Recursion

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Filter Expression Injection

Spring AI is vulnerable to Filter Expression Injection. The vulnerability is due to insufficient sanitization of document IDs in MilvusVectorStoredoDeleteList, where attacker-controlled IDs are incorporated into Milvus filter expressions, allowing injection of malicious query conditions that can...

OpenClaw 安全漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw has a security vulnerability that originates in the Discord audit operation processing using the sender's identity in the request parameters, which can be exploited by an attacker to request an audit operation by...

USN-7827-1 gst-plugins-base1.0 vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service...

EUVD-2009-4786

Malware in sbrugna...

EUVD-2024-46524

Malicious code in bioql PyPI...

EUVD-2023-33127

Malicious code in bioql PyPI...

AlmaLinux 8 : postgresql:15 (ALSA-2025:15022)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15022 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-871...

RockyLinux 8 : postgresql:16 (RLSA-2025:14899)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14899 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-87...

RockyLinux 9 : postgresql:16 (RLSA-2025:14827)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14827 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation CVE-2025-87...

RHEL 9 : postgresql (RHSA-2025:14869)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14869 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

CVE-2020-8949

Gocloud S2AWL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S3A K2P MTK 4.2.7.16528, S3A 4.3.0.16572, and ISP3000 4.3.0.17190 devices allows remote attackers to execute arbitrary OS commands via shell metacharacters in a ping operation, as demonstrated by the...

CVE-2019-15665

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges...

LG Simple Editor 安全漏洞

LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. LG Simple Editor suffers from a remote code execution vulnerability that is caused by failing to properly validate a user-supplied path before using it in ...

Code Sector TeraCopy 安全漏洞

Code Sector TeraCopy is Code Sector's free file transfer program designed to replace the built-in Windows Explorer file transfer feature. A security vulnerability exists in Code Sector TeraCopy version 3.9.7, which originates from the fact that proper access validation is not performed on the...

CVE-2022-34881 Information Exposure Vulnerability in JP1/Automatic Operation

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01...

CVE-2022-40176

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

Integer overflow in Tensorflow

Impact The implementation of OpLevelCostEstimator::CalculateTensorSize is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements: cc int64t OpLevelCostEstimator::CalculateTensorSize const OpInfo::TensorProperties&...