25 matches found
PT-2026-52426
Name of the Vulnerable Software and Affected Versions H5P versions prior to 1.17.7 Description An unauthenticated Cross Site Scripting XSS issue exists, allowing an attacker to execute malicious scripts in the browser of a user without requiring authentication. Recommendations Update to a version...
Astra Linux – Vulnerability in Linux, Linux 5.10
The drivers/block/floppy.c file in the Linux kernel before version 5.17.6 is vulnerable to a denial-of-service attack due to a concurrency issue after deallocating rawcmd in the rawcmdioctl function...
CLEANSTART-2026-EQ51133 Security fixes for CVE-2023-5870, CVE-2024-7348, CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 applied in versions: 16.1-r0, 16.2-r0, 16.4-r0, 17.6-r0
Multiple security vulnerabilities affect the postgresql package. These issues are resolved in later releases. See references for individual vulnerability details...
Craft CMS 安全漏洞
Craft CMS is an open-source content management system developed by Craft Studio. Vulnerabilities existed in versions of Craft CMS from 4.0.0-RC1 to 4.17.6, as well as in versions 5.0.0-RC1 to 5.9.12. These vulnerabilities stemmed from a potential exploit where low-privilege users or unverified...
EUVD-2025-24809
Malicious code in bioql PyPI...
CVE-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server
Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...
CVE-2024-27871
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data...
CVE-2022-24110
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later...
PT-2025-6770 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.5 Description: An issue was discovered in GitLab CE/EE, which allows an attacker with a maintainer role to trigger a pipeline as the project owner under certain circumstances. Recommendations: For version...
Microsoft Visual Studio和Microsoft .NET 安全漏洞
Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...
CVE-2024-40829
The issue was addressed with improved checks. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8. An attacker may be able to view restricted content from the lock screen...
CVE-2024-40795
This issue was addressed with improved data protection. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to read sensitive location information...
CVE-2024-27871
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. An app may be able to access protected user data...
PT-2024-29063 · Apple · Macos Sonoma +5
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 10.6 macOS Sonoma versions prior to 14.6 iOS versions prior to 17.6 iPadOS versions prior to 17.6 tvOS versions prior to 17.6 Description: A permissions issue was addressed with additional restrictions. This issue...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which arises from the...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS before version 17.6 and iPadOS before version 17.6, which originates from a...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 17.6 and iPadOS prior to version 17.6, which stems from an...
Microsoft Visual Studio and Microsoft .NET Security Vulnerabilities
Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...
Microsoft .NET Security Vulnerabilities
Microsoft .NET is a software framework from Microsoft Corporation that is dedicated to agile software development, rapid application development, platform-agnosticism, and web transparency. A security vulnerability exists in Microsoft . NET 6.0, .NET 7.0, .NET 8.0, Microsoft Visual Studio 2022...