3 matches found
CVE-2025-3466 Unsanitized Input in langgenius/dify
langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictio...
CVE-2022-28218
An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. A local attacker could access secret keys found in a Roundcube configuration file that are used to protect Webmail user passwords and two-factor authentication 2FA...
The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform, related to insufficient protection of registration data, allows a perpetrator to gain access to secret keys.
The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain access to secret keys...