9 matches found
EUVD-2026-31852
Traccar is an open source GPS tracking system. Prior to 6.13.0, DeviceResource.uploadImage authorizes the target device only through Condition.PermissionUser.class, getUserId, Device.class and then immediately streams the uploaded body into mediaManager.createFileStream.... Unlike the generic...
CVE-2025-41074 Multiple vulnerabilities in Limesurvey
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service DoS attack, by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
EUVD-2025-30661
Malicious code in bioql PyPI...
PT-2025-38582
Name of the Vulnerable Software and Affected Versions IBM Copy Services Manager version 6.3.13 Description IBM Copy Services Manager 6.3.13 is susceptible to cross-site scripting. An authenticated user can embed arbitrary JavaScript code within the Web UI, potentially altering functionality and...
Lychee 安全漏洞
Lychee is a beautiful and easy to use photo management system open-sourced by The Lychee Organisation. It is used to manage and share photos. A security vulnerability exists in Lychee versions prior to 6.6.13, which stems from a server-side request forgery in the /api/v2/Photo::fromUrl endpoint...
PT-2023-29529 · Rsa · Archer Platform
Name of the Vulnerable Software and Affected Versions: Archer Platform versions 6.x through 6.13 P2 HF1 Archer Platform version 6.13 P2 HF2 is not affected, but versions prior to 6.13 P2 HF2 are vulnerable. Description: The issue is a stored cross-site scripting XSS vulnerability. A remote...
Archer Platform 跨站脚本漏洞
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform versions prior to 6.13 that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability. An attacker can exploit this vulnerability to execute...
Archer Platform 日志信息泄露漏洞
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in versions of Archer Platform prior to v.6.13 that stems from sensitive information that can be accessed via log files...
SUSE-SU-2021:0887-1 Security update for python36
This update for python36 fixes the following issues: - python36 was updated to 3.6.13 - CVE-2021-23336: Fixed a potential web cache poisoning by using a semicolon in query parameters use of semicolon as a query string separator bsc1182379...