6 matches found
EUVD-2026-13641
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...
AZL-63854 CVE-2025-5917 affecting package libarchive for versions less than 3.6.1-7
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to...
UBUNTU-CVE-2025-5916
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...
Zumtobel Netlink CCD Onboard Security Breach
The Zumtobel Netlink CCD Onboard is a gateway control unit device from Zumtobel, Austria. A security vulnerability exists in Zumtobel Netlink CCD Onboard version 3.74 with firmware version 3.80, which originates from a component containing a buffer overflow...
vantage6 Security Vulnerability
vantage6 is an open source priVAcy preserviNg federaTed leArninG infrastructure for Secure Insight eXchange. A security vulnerability exists in vantage6 versions prior to 3.8.0 that stems from the presence of an information leak...
StackStorm Cross-Site Scripting Vulnerability
StackStorm is an event-driven automation platform. The platform is primarily used for automated remediation, security response, troubleshooting, and program deployment functions. A security vulnerability exists in StackStorm versions prior to 3.8.0, which originates in the Web UI that allows a...