4 matches found
ERPNext Code Issue Vulnerability
ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Versions prior to 15.106.0 and 16.16.0 of ERPNext contained code vulnerabilities. These vulnerabilities stemmed from the ability for malicious users to send specially crafted requests t...
CVE-2026-31878
CVE-2026-31878 affects the Frappe web framework prior to versions 14.100.1, 15.100.0, and 16.6.0. A crafted request to a vulnerable endpoint can cause the server to perform an HTTP call to an arbitrary service chosen by the attacker (SSRF-like behavior). The issue is fixed in the listed patched v...
CVE-2022-38654
HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record...
Mesa: Multiple integer overflows leading to heap-based buffer overflows
Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions...