6 matches found
EUVD-2025-21448
Malicious code in bioql PyPI...
EUVD-2025-21447
Malicious code in bioql PyPI...
CVE-2025-53622 DSpace has path traversal vulnerability in Simple Archive Format (SAF) package import via contents file
DSpace open source software is a repository application which provides durable access to digital resources. Prior to versions 7.6.4, 8.2, and 9.1, a path traversal vulnerability is possible during the import of an archive in Simple Archive Format, either from command-line ./dspace import command ...
CVE-2025-53621
CVE-2025-53621 : DSpace prior to 7.6.4, 8.2, and 9.1 is vulnerable to XML External Entity (XXE) injection during archive imports (SAF) or when handling XML from upstream services. The issue arises because external entities are not disabled during XML parsing, enabling a trusted administrator to t...
PT-2025-29566 · Dspace · Dspace
Name of the Vulnerable Software and Affected Versions: DSpace versions prior to 7.6.4 DSpace versions prior to 8.2 DSpace versions prior to 9.1 Description: DSpace is a repository application that provides durable access to digital resources. Two related XML External Entity XXE injection...
[NT] Serena Software's TeamTrack Sensitive Content Disclosure
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...