Linux Distros Unpatched Vulnerability : CVE-2019-10878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData and CDataFileReader::ReplaceData and related functions in...

Linux Distros Unpatched Vulnerability : CVE-2023-35956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst...

Linux Distros Unpatched Vulnerability : CVE-2021-45087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

Linux Distros Unpatched Vulnerability : CVE-2023-35955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst...

Linux Distros Unpatched Vulnerability : CVE-2021-40592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a version v1.0.1 onwards contains loop with unreachable exit condition 'infinite loop'...

GHSA-7753-XRFW-CH36 LlamaIndex affected by a Denial of Service (DOS) in JSONReader

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

LlamaIndex affected by a Denial of Service (DOS) in JSONReader

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

Linux Distros Unpatched Vulnerability : CVE-2025-6273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file...

Linux Distros Unpatched Vulnerability : CVE-2025-6275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of...

SUSE SLES12: libqt4 / libqt4-32bit / libqt4-devel / libqt4-devel-doc / etc (SUSE-SU-2025:02968-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02968-1 advisory. - CVE-2021-45930: Fixed out-of-bounds write leading to DoS bsc1196654 - CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont...

Uncontrolled Recursion

Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader component. An attacker can cause excessive resource consumption and crash the process by submitting deeply nested JSON files...

CVE-2025-5302

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

CVE-2025-5302

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

CVE-2025-5302

The CVE-2025-5302 affects the JSONReader in run-llama/llama_index v0.12.37, where unconstrained recursion on deeply nested JSON can exhaust Python recursion depth, causing high CPU/memory use and potential DoS. The issue is resolved in v0.12.38. Remediation: upgrade llama_index to 0.12.38 or late...

PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser

Product: PhpSpreadsheet Version: 3.8.0 CWE-ID: CWE-918: Server-Side Request Forgery SSRF CVSS vector v.3.1: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS vector v.4.0: 8.7 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Description: SSRF occurs when a processed HTML document is read and...

CVE-2025-54370 PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser

PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the...

CVE-2025-54370 PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser

PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the...

CVE-2025-54370

CVE-2025-54370 affects PhpSpreadsheet. The SSRF vulnerability resides in PhpOffice\PhpSpreadsheet\Worksheet\Drawing::setPath, where a user-supplied string read by the HTML reader can cause server-side requests. Affected versions include prior to 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0; patches a...

Vulnerabilities fixed in Foxit Reader

Foxit has fixed vulnerabilities in Foxit Reader Specific to version 2025.1.0.27937. The vulnerabilities are in the way Foxit Reader handles PDF files. Malicious parties can exploit these vulnerabilities by tricking users into opening a malicious PDF file or visiting a malicious website, which can...