16 matches found

Positive Technologies
added 2 days ago · 5 views

PT-2026-51628

Name of the Vulnerable Software and Affected Versions: Gogs (affected versions not specified). Description: Gogs contains an authorization bypass in its Git Smart HTTP handler for repository RPCs. The system determines the authorization policy based on the client-supplied service query parameter rathe...

7.1 CVSS · 6 AI score
Exploits 0 · References 8
Github Security Blog
added 2026/06/08 11:43 p.m. · 10 views

Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Impact: An uncontrolled-resource-consumption (memory exhaustion) denial-of-service vulnerability (CWE-400 / CWE-789). A client with push access could push a tiny crafted thin pack (174 bytes) whose delta header declares a huge dest_size. When dulwich ingested it via add_thin_pack / apply_delta, it would...

5.7 CVSS · 5.5 AI score · 0.00188 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2025/12/18 12:00 a.m. · 5 views

PT-2025-52183

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack (all-in-one-seo-pack) allows Retrieve Embedded Sensitive Data. This issue affects All In One SEO Pack: from n/a through <= 4.8.6.1...

6.9 AI score · 0.00279 EPSS
Exploits 0 · References 2
EUVD
added 2025/12/16 9:31 a.m. · 1 views

EUVD-2025-203564

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi All In One SEO Pack (all-in-one-seo-pack) allows Blind SQL Injection. This issue affects All In One SEO Pack: from n/a through <= 4.9.1...

8.5 CVSS · 7.1 AI score · 0.00253 EPSS
Exploits 0 · References 2
CNNVD
added 2025/11/11 12:00 a.m. · 1 views

Intel Ethernet Adapter Complete Driver Pack Security Vulnerability

Intel Ethernet Adapter Complete Driver Pack is a complete driver for Ethernet adapters from Intel Corporation. A security vulnerability exists in Intel Ethernet Adapter Complete Driver Pack versions prior to 1.5.1.0, which originates from a race condition in the user's application and coul...

6.1 CVSS · 6.4 AI score · 0.00112 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2025-23846

Malicious code in bioql (PyPI)...

9.8 CVSS · 6.5 AI score · 0.00453 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2024-27404

Malicious code in bioql (PyPI)...

6.4 CVSS · 6.5 AI score · 0.00304 EPSS
Exploits 0 · References 2
RedhatCVE
added 2025/09/24 6:31 p.m. · 3 views

CVE-2025-58649

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack (all-in-one-seo-pack) allows Retrieve Embedded Sensitive Data. This issue affects All In One SEO Pack: from n/a through <= 4.8.7.1...

4.3 CVSS · 5.9 AI score · 0.00255 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2025/08/18 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-22885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the redirect_to or polymorphic_url helper with...

7.5 CVSS · 6.8 AI score · 0.04195 EPSS
Exploits 1 · References 2
Positive Technologies
added 2024/01/09 12:00 a.m. · 4 views

PT-2024-13706 · Trendnet · Trendnet Tv-Ip1314Pi

Name of the Vulnerable Software and Affected Versions: TRENDnet TV-IP1314PI version 5.5.3 200714 Description: An issue was discovered where command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings. Recommendations:...

9.8 CVSS · 9.8 AI score · 0.18596 EPSS
Exploits 1 · References 7
CNNVD
added 2022/01/10 12:00 a.m. · 6 views

Rails Action Pack Input Validation Error Vulnerability

Rails Action Pack is a web framework for the Rails community in the United States. It provides a mechanism for routing mapping request URLs to actions, defining controllers that implement actions, and generating responses by rendering views templates in various formats. An input validation error...

6.1 CVSS · 7.3 AI score · 0.04182 EPSS
Exploits 0 · References 4
CNNVD
added 2021/04/01 12:00 a.m. · 2 views

HPE iLO Amplifier Pack Cross-Site Scripting Vulnerability

HPE iLO Amplifier Pack is a database management software for use in clustered environments from HPE, USA. The software supports Gen8, Gen9 and Gen10 Hewlett Packard Enterprise automatic firmware and driver updates, manual or automatic recovery of firmware-corrupted systems, maximizing cluster...

6.1 CVSS · 5.9 AI score · 0.00621 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2015/11/26 12:00 a.m. · 4 views

The vulnerabilities of the Microsoft Office suite, including the Word Viewer program for reading doc files, the Office Compatibility Suite, and the Microsoft Word text editor, allow attackers to execute arbitrary code.

The vulnerabilities of the Microsoft Office suite, the Word Viewer program for reading doc files, the Office Compatibility Pack, and the Microsoft Word text editor are caused by buffer overflow attacks. Exploitation of these vulnerabilities can allow an attacker to execute arbitrary code using a...

9.3 CVSS · 6.3 AI score · 0.14534 EPSS
Exploits 0 · References 2
seebug.org
added 2014/07/01 12:00 a.m. · 15 views

Microsoft IIS 3.0/4.0 Double Byte Code Page Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/477/info This vulnerability could allow a web site viewer to obtain the source code for .asp and similar files if the server's default language Input Locale is set to Chinese, Japanese or Korean. How this works is as...

7.1 AI score
Exploits 0
RedHat Linux
added 2013/01/10 8:39 p.m. · 3 views

rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging...

5 CVSS · 5.9 AI score · 0.01889 EPSS
Exploits 1 · References 4
Cvelist
added 2002/03/09 5:00 a.m. · 26 views

CVE-2001-0716

Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server...

6.7 AI score · 0.01681 EPSS
Exploits 0 · References 3