18 matches found
Deserialization Of Untrusted Data
org.apache.iotdb:iotdb-confignode is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insufficient validation of externally supplied serialized data, which allows an attacker to craft malicious serialized objects that can be deserialized to execute arbitrary code or...
EUVD-2012-0115
Malware in sbrugna...
EUVD-2023-2666
Malicious code in bioql PyPI...
CVE-2025-31493
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the collection() helper or $kirby->collection() method with a dynamic collection name, such as a collection name that depends on request or user data...
CVE-2025-30159
CVE-2025-30159 affects Kirby CMS versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 when using the dynamic snippet name via the snippet() helper or $kirby->snippet(). The root cause is a missing path traversal check that could allow an attacker to access files outside the snippets root (or Kirby ...
CVE-2024-11042
In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...
Linux Distros Unpatched Vulnerability : CVE-2021-44512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling...
Fedora: Security Advisory (FEDORA-2024-c89d2ecdea)
The remote host is missing an update for the...
Moment.js: Path traversal in moment.locale
A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...
CVE-2020-14633
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
[SECURITY] Fedora 20 Update: zabbix-2.0.9-2.fc20
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
[SECURITY] Fedora 19 Update: zabbix-2.0.6-3.fc19
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
BannerFarm XSS vuln.
BannerFarm XSS vuln. Vuln. discovered by: r0t Date: 19 April 2006 vendor: www.perlcoders.com/main/scripts.html?script=BannerFarm affected versions: 2.3 and previous original advisory: http://pridels.blogspot.com/2006/04/bannerfarm-xss-vuln.html Vuln. Description: BannerFarm contains a flaw that...
phpLinks <= 2.1.3.1 XSS vuln.
phpLinks <= 2.1.3.1 XSS vuln. Vuln. discovered by: r0t Date: 16 April 2006 vendor link: http://sourceforge.net/projects/phplinks/ affected versions: phpLinks 2.1.3.1 and previous original advisory: http://pridels.blogspot.com/2006/04/phplinks-2131-xss-vuln.html Vuln. Description: phpLinks contains a...
eDatCat XSS vuln.
eDatCat XSS vuln. Vuln. discovered by: r0t Date: 15 Dec. 2005 original advisory: http://pridels.blogspot.com/2005/12/edatcat-xss-vuln.html vendor: http://www.edatcat.com/ affected version: v3.0 and prior Product Description: eDatCat is a fully customizable database and shopping cart system. Feature...
Lyris List Manager <= 8.8a Multiple Vulnerabilities
Binary data 3324.prm...
Discuz File Extension Validation Weakness Arbitrary File Upload
Binary data 3167.prm...