CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

EUVD-2023-57358

Malicious code in bioql PyPI...

CVE-2024-58045

Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-58045

Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2023-5012

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

CVE-2023-5012

The CVE-2023-5012 issue affects Topaz OFD version 2.11.0.201, specifically the Warsaw Protection Module core.exe component located under C:\Program Files\Topaz OFD\Warsaw\core.exe. The root cause is an unquoted search path, enabling local attacker access. There is no indication of remote exploita...

Schweitzer Engineering Laboratories AC Protection Module Detection

Binary data 755363.prm...

Apache Sling API Cross-Site Scripting Vulnerability

Apache Sling is a set of U.S. Apache Software Foundation for the Java platform on the open source Web framework. A cross-site scripting vulnerability in the XSS Protection API module in Apache Sling allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, whic...

ImpressCMS 1.3.5 XSS / File Deletion

Hi, I have discovered two vulnerabilities in ImpressCMS. These have been fixed in the new 1.3.6 version, which you can get at https://sourceforge.net/projects/impresscms/files/ImpressCMS%20Official%20Releases/ImpressCMS%201.3%20Branch/ImpressCMS%201.3.6/. One is an arbitrary file deletion and the...

Unbreakable Enterprise kernel security and bug fix update

2.6.32-300.37.1. - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412 2.6.32-300.36.1. - dl2k: Clean up rioioctl Stephan Muell...

DEBIAN-CVE-2007-5828

Cross-site request forgery CSRF vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CS...

CVE-2007-5828

Cross-site request forgery CSRF vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CS...