11 matches found
CVE-2026-27734
Beszel is a server monitoring platform. Before v0.18.2, the hub’s authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied container param to the agent without validation. The agent builds Docker Engine API URLs using fmt.Sprintf with ...
UBUNTU-CVE-2025-30224
MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted...
MyDumper Information Disclosure Vulnerability
MyDumper is an application from the MyDumper open source project. An information disclosure vulnerability exists in versions of MyDumper prior to v0.18.2-8, which stems from the local infile option enabled by default that could lead to arbitrary file reads...
SUSE CVE-2024-25817
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...
Python Security Vulnerability
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python Charmers Future version 0.18.2 and earlier. An attacker can exploit this...
PT-2022-6568 · Unknown +7 · Python Charmers Future +7
Name of the Vulnerable Software and Affected Versions: Python Charmers Future versions 0.18.2 and earlier Description: The issue is related to improper input validation when handling the Set-Cookie header, allowing a remote attacker to send a specially crafted HTTP request and perform a denial of...
sharkdp BAT Code Issue Vulnerability
sharkdp BAT is an open source cat clone with syntax highlighting and Git integration. A security vulnerability exists in sharkdp BAT prior to 0.18.2, which stems from the execution of less.exe from the current working directory. No details of the vulnerability are provided at this time...
GHSA-9W87-4J72-GCV7 Insecure Default Configuration in graphql-code-generator
Versions of graphql-code-generator prior to 0.18.2 have an Insecure Default Configuration. The package sets NODE_TLS_REJECT_UNAUTHORIZED to 0, disabling certificate verification for the entire project. This results in Insecure Communication for the process. Recommendation Upgrade to version 0.18.2 ...
CVE-2019-1000012
Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...
UBUNTU-CVE-2017-13735
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack...
DEBIAN-CVE-2017-6886
An error within the "parse_tiff_ifd" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory...