10 matches found
CVE-2025-46724
Langroid is a Python framework to build large language model LLM-powered applications. Prior to version 0.53.15, TableChatAgent uses pandas eval. If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection. Langroid 0.53.15 sanitizes...
CVE-2025-46724 Langroid has a Code Injection vulnerability in TableChatAgent
Langroid is a Python framework to build large language model LLM-powered applications. Prior to version 0.53.15, TableChatAgent uses pandas eval. If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection. Langroid 0.53.15 sanitizes...
GLPI Security Vulnerabilities
GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...
Cross-site Scripting (XSS)
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the projdoceditpage.php Project Documentation feature. An attacker can execute arbitrary code after uploading an attachment with a crafted filename. The code is...
MantisBT < 2.21.3 XSS Vulnerability - Linux
MantisBT is prone to a cross-site scripting vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
MantisBT < 2.21.3 XSS Vulnerability - Windows
MantisBT is prone to a cross-site scripting vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
CVE-2015-5059
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...
CVE-2015-5059
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...
CVE-2015-5059
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files $gviewprojdocthreshold is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the fileid parameter to...
SEE - Sandboxed Execution Environment
Sandboxed Execution Environment SEE is a framework for building test automation in secured Environments. The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors Qemu, VirtualBox, LXC can be employed to run the Test Environments...