19 matches found

CNNVD
added 2026/03/25 12:0 a.m. | 3 views

Security vulnerability in multiple Apple products

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

CVSS 7.5 | AI score 5.8 | EPSS 0.00057
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-26941

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00041
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-58578

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.6 | EPSS 0.00049
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-52833

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.5 | EPSS 0.00128
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/11 12:0 a.m. | 2 views

RHEL 8 : unbound (RHSA-2025:13575)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13575 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbound Cache poisoning...

CVSS 8.7 | AI score 6.7 | EPSS 0.00235
Exploits: 0 | References: 4

Cvelist
added 2025/04/15 3:30 a.m. | 9 views

CVE-2025-29983

Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVSS 6.7 | EPSS 0.00106
Exploits: 0 | References: 1

CVE
added 2025/04/15 3:30 a.m. | 55 views

CVE-2025-29983

Dell Trusted Device prior to version 7.0.3.0 is affected by an Improper Link Resolution Before File Access (Link Following) vulnerability. A low-privileged attacker with local access could potentially exploit this to achieve Elevation of Privileges. The issue is documented across multiple sources...

CVSS 7.3 | AI score 6.5 | EPSS 0.00106
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/03/27 4:25 p.m. | 8 views

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

CVSS 7.5 | AI score 7.2 | EPSS 0.00806
Exploits: 2 | References: 2

OSV
added 2025/01/09 6:51 p.m. | 14 views

GHSA-5XH2-23CC-5JC6 Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

Vulnerability Summary: A type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node...

CVSS 3.7 | AI score 4.2 | EPSS 0.00244
Exploits: 0 | References: 4

Github Security Blog
added 2025/01/09 6:51 p.m. | 20 views

Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

Vulnerability Summary: A type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node...

CVSS 3.7 | AI score 6.8 | EPSS 0.00244
Exploits: 0 | References: 4 | Affected Software: 1

Vulnrichment
added 2024/10/09 2:16 p.m. | 15 views

CVE-2024-8014 Telerik Reporting EntityDataSource Insecure Type Resolution

In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible through object injection via an insecure type resolution vulnerability...

CVSS 8.8 | AI score 9.1 | EPSS 0.00315
Exploits: 0 | References: 1

CVE
added 2024/07/24 2:0 p.m. | 62 views

CVE-2024-6096

Progress Telerik Reporting, before version 18.1.24.709, is affected by an object-injection vulnerability due to insecure type resolution that can lead to code execution. The vulnerability affects Progress Telerik Reporting (a .NET/.NET Framework embedded reporting tool) and various advisories ide...

CVSS 9.8 | AI score 9 | EPSS 0.00195
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2023/09/19 4:15 p.m. | 17 views

Input validation

An Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. This issue affects SUSE Linux Enterprise Desktop 15 SP5: before...

CVSS 4.3 | AI score 7.5 | EPSS 0.00022
Exploits: 1 | References: 1 | Affected Software: 3

UbuntuCve
added 2022/05/11 12:0 a.m. | 39 views

CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

CVSS 8.1 | AI score 6.7 | EPSS 0.01181
Exploits: 1 | References: 2

Cvelist
added 2018/12/04 4:0 p.m. | 24 views

CVE-2018-19591

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function...

AI score 6.3 | EPSS 0.01775
Exploits: 1 | References: 11

Ubuntu
added 2015/07/30 7:36 a.m. | 6 views

2696-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...

CVSS 10 | AI score 5.6 | EPSS 0.92346
Exploits: 0 | References: 1

OSV
added 2014/12/26 5:4 p.m. | 7 views

MGASA-2014-0550 Updated apache-poi packages fix security vulnerabilities

Updated apache-poi packages fix security vulnerabilities: It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server,...

CVSS 4.3 | AI score 6.3 | EPSS 0.12569
Exploits: 0 | References: 3

OpenVAS
added 2014/05/05 12:0 a.m. | 73 views

Ubuntu: Security Advisory (USN-2189-1)

The remote host is missing an update for the...

CVSS 9.8 | AI score 8.4 | EPSS 0.06412
Exploits: 5 | References: 3

0day.today
added 2010/08/19 12:0 a.m. | 11 views

Resolución mínima de 800x600 SQLi injection Vulnerability

Exploit for php platform in category web applications. Resolución mínima de 800x600 SQLi injection Vulnerability...

AI score 7.1
Exploits: 0