103 matches found
Astra Linux - уязвимость в qemu
An integer underflow issue was discovered in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could exploit this flaw to render QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2026-28797
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions 0.24.0 and prior, a Server-Side Template Injection SSTI vulnerability exists in RAGFlow's Agent workflow Text Processing StringTransform and Message components. These components use Python's jinja2.Template unsandbox...
CVE-2026-28797
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions 0.24.0 and prior, a Server-Side Template Injection SSTI vulnerability exists in RAGFlow's Agent workflow Text Processing StringTransform and Message components. These components use Python's jinja2.Template unsandbox...
CVE-2026-28797 RAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" Component
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions 0.24.0 and prior, a Server-Side Template Injection SSTI vulnerability exists in RAGFlow's Agent workflow Text Processing StringTransform and Message components. These components use Python's jinja2.Template unsandbox...
CVE-2026-28797 RAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" Component
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions 0.24.0 and prior, a Server-Side Template Injection SSTI vulnerability exists in RAGFlow's Agent workflow Text Processing StringTransform and Message components. These components use Python's jinja2.Template unsandbox...
CVE-2026-28797
RAGFlow (open-source Retrieval-Augmented Generation engine) is affected in versions ≤0.24.0 by a Server-Side Template Injection (SSTI) in the Agent workflow Text Processing (StringTransform) and Message components. The vulnerability arises from rendering user-supplied templates with Python’s jinj...
Exploit for CVE-2025-67303
ComfyUI Custom Node - AI Enhancement This is a custom node fo...
[SECURITY] Fedora 43 Update: ruby-3.4.7-28.fc43
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version 5.8.5 and versions prior to CCM 3.1.3, which stems fro...
GHSA-9952-GV64-X94C CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability
Impact This vulnerability affects applications that: Use the ImageMagick handler for image processing imagick as the image library AND either: Allow file uploads with user-controlled filenames and process uploaded images using the resize method OR use the text method with user-controlled text...
CVE-2022-47091
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gftextprocesssub function of filters/loadtext.c...
Moderate: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read CVE-2019-19012 rubygem-bundler:...
ReDoS in giskard's transformation.py (GHSL-2024-324)
ReDoS in Giskard text perturbation detector A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation...
Moderate: Red Hat Security Advisory: ruby:3.3 security update
An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
[SECURITY] Fedora 40 Update: ruby-3.3.4-11.fc40
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: Red Hat Security Advisory: ruby:3.3 security, bug fix, and enhancement update
An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-35449 Security Fixes: ruby: Buffer overread vulnerabili...
ALSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. AlmaLinux-35449 Security Fixes: ruby: Buffer overread vulnerabili...
ALSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. AlmaLinux-37697 Security Fixes: ruby: Buffer overread vulnerabili...