CVE-2026-31251

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...

CLSA-2025-1762537354 cups: Fix of CVE-2024-35235

CVE-2024-35235: patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item...

CLSA-2025-1762537123 cups: Fix of CVE-2024-35235

CVE-2024-35235: patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item...

EUVD-2021-29527

Malicious code in bioql PyPI...

IntelliJ IDEA < 2025.2 Multiple Vulnerabilities (macOS)

The version of IntelliJ IDEA installed on the remote host is prior to 2025.2. It is, therefore, affected by a multiple vulnerabilities as referenced in the advisory. - In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference. CVE-2025-57727 - In JetBrains...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . A security vulnerability exists in...

CLSA-2024-1734531954 cups: Fix of CVE-2024-35235

CVE-2024-35235: Patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item...

CVE-2024-1873

parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed /selectdatabase endpoint in version a9d16b0. The endpoint improperly handles file paths, allowing attackers to specify absolute paths when interacting with the DiscussionsDB instance. This flaw...

CVE-2024-1873

CVE-2024-1873 affects parisneo/lollms-webui (version a9d16b0) via an exposed /select_database endpoint that mishandles file paths when interacting with the DiscussionsDB, enabling path traversal and potential denial of service. Attackers can specify absolute paths to create directories anywhere t...

CVE-2024-1873 Path Traversal and Denial of Service in parisneo/lollms-webui

parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed /selectdatabase endpoint in version a9d16b0. The endpoint improperly handles file paths, allowing attackers to specify absolute paths when interacting with the DiscussionsDB instance. This flaw...

LoLLMs Security Vulnerabilities

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs version a9d16b0, which stems from vulnerability to path traversal and denial-of-service attacks, which can lead to server startup failures and client...

Linux Expl0rer - Easy-To-Use Live Forensics Toolbox For Linux Endpoints

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities ps View full process list Inspect process memory map & fetch memory strings easly Dump process memory in one click Automaticly search hash in public services VirusTotal AlienVault OTX users users list...

CVE-2005-4761

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information passwords or keyphrases in the server log file when the -D option is used...