CVE-2026-6587 vibrantlabsai RAGAS Collections util.py _try_process_url server-side request forgery

A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function tryprocesslocalfile/tryprocessurl of the file src/ragas/metrics/collections/multimodalfaithfulness/util.py of the component Collections Module. Performing a manipulation of the argument...

EUVD-2026-21349

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLEID results in sql injection. The attack can be executed remotely. The exploit has be...

CVE-2025-13434

A weakness has been identified in jameschz Hush Framework 2.0. The impacted element is an unknown function of the file Hush\hush-lib\hush\Util.php of the component HTTP Host Header Handler. This manipulation of the argument $SERVER'HOST' causes improper neutralization of http headers for scriptin...

CVE-2025-13434

CVE-2025-13434 affects the jameschz Hush Framework 2.0. The issue lies in the HTTP Host Header Handler implemented in Hush\hush-lib\hush\Util.php, where manipulation of the argument $_SERVER['HOST'] causes improper neutralization of HTTP headers for scripting syntax. Exploitation is described as ...

CVE-2025-13434 jameschz Hush Framework HTTP Host Header Util.php http headers for scripting syntax

A weakness has been identified in jameschz Hush Framework 2.0. The impacted element is an unknown function of the file Hush\hush-lib\hush\Util.php of the component HTTP Host Header Handler. This manipulation of the argument $SERVER'HOST' causes improper neutralization of http headers for scriptin...

SUSE CVE-2019-13636

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...

systemd: buffer overrun in format_timespan() function

An off-by-one error flaw was found in systemd in the formattimespan function of time-util.c. This flaw allows an attacker to supply specific values for time and accuracy, leading to a buffer overrun in formattimespan, leading to a denial of service...

samurai 代码问题漏洞

samurai is a ninja-compatible build utility written in C. A security vulnerability exists in samurai 1.2, which originates from dereferencing a NULL pointer in writefile in util.c via a crafted build file...

JerryScript Buffer Overflow Vulnerability (CNVD-2022-11530)

JerryScript is a lightweight JavaScript engine from the JerryScript Jerryscript project. JerryScript 2.3.0 is vulnerable due to an out-of-bounds read in the main print unhandled exception in the main-util .c file, which could be exploited by an attacker to cause code execution...

Libmobi Information Disclosure Vulnerability (CNVD-2018-10876)

Libmobi is a C-based language for processing Kindle MOBI format e-book document library . A security vulnerability exists in the 'mobigetkf8boundaryseqnumber' function in the util.c file in Libmobi version 0.3. A remote attacker can exploit this vulnerability to disclose information heap-based...