27 matches found
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...
CVE-2026-48959
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017479)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017479 advisory. A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other...
CVE-2026-25210 affecting package expat for versions less than 2.6.4-4
CVE-2026-25210 affecting package expat for versions less than 2.6.4-4. A patched version of the package is available...
CVE-2022-27949
A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed for example when they were depending on past and previous instances of the task failed. This issue affects Apache Airflow prior to 2.3.1...
PT-2025-53872
Name of the Vulnerable Software and Affected Versions DesignThemes LMS Addon versions prior to and including 2.6 Description An authorization issue exists in the DesignThemes LMS Addon due to incorrectly configured access control security levels. This allows for potential exploitation of the...
PT-2025-47291
Name of the Vulnerable Software and Affected Versions METZ CONNECT EWIO2-M versions prior to 2.2.0 METZ CONNECT Ethernet-IO EWIO2-BM versions prior to 2.2.0 Description An unauthenticated remote attacker can execute arbitrary PHP files and gain full access of the affected devices. This allows...
EUVD-2025-31721
Malicious code in bioql PyPI...
CVE-2024-31583
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp...
CVE-2023-0440
Observable Discrepancy in GitHub repository healthchecks/healthchecks prior to v2.6...
Drupal Email TFA 安全漏洞
Drupal Email TFA is a Drupal community module that provides email-based two-factor authentication functionality for Drupal. A security vulnerability exists in Drupal Email TFA versions prior to 2.0.3, which stems from weak authentication and could lead to brute force exploits...
PT-2024-25927 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.1 Description: The issue is related to a reachable assertion that can cause an AMF crash via NAS messages from a UE. This occurs due to improper handling of the pkbuf-len variable in the ogs nas encrypt function...
CVE-2022-45135
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
PT-2023-27371 · Gnu +2 · Gnu Inetutils +2
Name of the Vulnerable Software and Affected Versions: GNU inetutils versions prior to 2.5 Description: The issue allows privilege escalation due to unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is relevant if the setuid system call fails when ...
PYSEC-2023-280
OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0...
CVE-2022-29562
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
PrestaShop SQL注入漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop versions prior to 2.1.3, which stems from the EU Cookie Law GDPR Banner +...
PT-2022-20528
Name of the Vulnerable Software and Affected Versions prestashop/blockwishlist versions prior to 2.1.1 Description The issue allows an authenticated customer to perform SQL injection. This can be exploited by an attacker to extract or modify sensitive data. The problem is related to the...
CVE-2021-41525
An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior...
ZOLL Defibrillator Dashboard Permission Mismanagement Vulnerability
ZOLL Defibrillator Dashboard is a defibrillator management tool. A mismanagement of privileges vulnerability exists in ZOLL Defibrillator Dashboard versions prior to 2.2. The vulnerability stems from the product containing insecure file system permissions. An attacker could exploit the...