15 matches found
CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
EUVD-2023-57358
Malicious code in bioql PyPI...
CVE-2024-58045
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2024-58045
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2023-5012
A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...
Design/Logic Flaw
A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...
CVE-2023-5012
The CVE-2023-5012 issue affects Topaz OFD version 2.11.0.201, specifically the Warsaw Protection Module core.exe component located under C:\Program Files\Topaz OFD\Warsaw\core.exe. The root cause is an unquoted search path, enabling local attacker access. There is no indication of remote exploita...
CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path
A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...
Schweitzer Engineering Laboratories AC Protection Module Detection
Binary data 755363.prm...
Apache Sling API Cross-Site Scripting Vulnerability
Apache Sling is a set of U.S. Apache Software Foundation for the Java platform on the open source Web framework. A cross-site scripting vulnerability in the XSS Protection API module in Apache Sling allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, whic...
ImpressCMS 1.3.5 XSS / File Deletion
Hi, I have discovered two vulnerabilities in ImpressCMS. These have been fixed in the new 1.3.6 version, which you can get at https://sourceforge.net/projects/impresscms/files/ImpressCMS%20Official%20Releases/ImpressCMS%201.3%20Branch/ImpressCMS%201.3.6/. One is an arbitrary file deletion and the...
Unbreakable Enterprise kernel security and bug fix update
2.6.32-300.37.1. - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412 2.6.32-300.36.1. - dl2k: Clean up rioioctl Stephan Muell...
DEBIAN-CVE-2007-5828
Cross-site request forgery CSRF vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CS...
CVE-2007-5828
Cross-site request forgery CSRF vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CS...