KDE Ark 安全漏洞

KDE Ark is a graphical file compression/decompression utility for the KDE community. A security vulnerability exists in KDE Ark versions prior to 24.12.0, which stems from the fact that libarchiveplugin.cpp can extract absolute paths from archives...

CVE-2024-56144 Stored XSS-LibreNMS-Display Name 2 in librenms

librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters Replace $DEVICEID with your specific $DEVICEID value:/device/$DEVICEID/edit - param: display. Librenms versions up to 24.11.0 allow remote attackers to inject...

CVE-2024-56144 Stored XSS-LibreNMS-Display Name 2 in librenms

librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters Replace $DEVICEID with your specific $DEVICEID value:/device/$DEVICEID/edit - param: display. Librenms versions up to 24.11.0 allow remote attackers to inject...

PT-2025-3197 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: Librenms versions up to 24.11.0 Description: The issue concerns a stored XSS vulnerability in the parameters of the /device/$DEVICE ID/edit endpoint, specifically the display parameter. This allows remote attackers to inject malicious scripts...

CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...