5 matches found
CVE-2026-4760 Potential unauthorized access to files on the Web HMI server host
From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he knows their paths and if these files are accessible to the Servin process execution account. Installations based on Panorama Suite 2022-SP1 22.50.005 are vulnerable unless update PS-2210-02-4079 or high...
GHSA-M42M-M8CR-8M58 LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing
The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity XXE attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse and lxml.etree.XSLT without any...
EUVD-2024-41409
Malicious code in bioql PyPI...
CVE-2022-23700
A local unauthorized read access to files vulnerability was discovered in HPE OneView versions: Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView...
CIS WebServer 3.5.13 - Directory Traversal
CIS WebServer 3.5.13 - Directory Traversal source: https://www.securityfocus.com/bid/12662/info A vulnerability has been identified in the handling of certain types of requests by CIS WebServer. Because of this, it is possible for an attacker to gain access to potentially sensitive system files...