115 matches found
EUVD-2022-40889
Malicious code in bioql PyPI...
EUVD-2022-31111
Malicious code in bioql PyPI...
CVE-2025-56520
Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720...
CVE-2024-25451
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer function...
Linux Distros Unpatched Vulnerability : CVE-2023-36192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c. (CVE-2023-36192) Note that Nessus relies o...
CAREL Boss-Mini
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: CAREL Equipment: Boss-Mini Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
CVE-2023-5938 Path traversal via 'zip slip' in Arc before v1.6.0
Multiple functions use archives without properly validating the filenames therein, rendering the application vulnerable to path traversal via 'zip slip' attacks. An administrator able to provide tampered archives to be processed by the affected versions of Arc may be able to have arbitrary files...
Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0
Summary: On Windows systems, the Arc configuration files were found to be world-readable. Impact: This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files. Mitigation: N/A Solution: Upgrade to v1.6.0 or later...
CVE-2024-30809
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset const, leading to a Denial of Service (DoS), as demonstrated by mp42ts...
CVE-2024-30806
CVE-2024-30806 affects Bento4 v1.6.0-641-2-g1529b83. The issue is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom (Ap4Dec3Atom.cpp) that leads to a Denial of Service (DoS). Demonstrated by mp42aac. Connected advisories corroborate the same description. The Red Hat entry mirrors the DoS without prov...
CVE-2023-33528
Halo v1.6.0 is vulnerable to Cross Site Scripting (XSS)...
CVE-2023-33528
Halo v1.6.0 is vulnerable to Cross Site Scripting (XSS). The documents identify the affected software and version but do not provide root cause details, exploitation data, or a confirmed patch. No remediation version is stated in the provided sources; monitor for vendor advisories for an officia...
CVE-2024-25454
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test function...
Design/Logic Flaw
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer function...
Design/Logic Flaw
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom function...
CVE-2024-25452
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom function...