
33 matches found

Cvelist
added 2026/01/27 8:44 a.m. | 25 views

CVE-2026-24808 A possible integer overflow vulnerability in RawTherapee/RawTherapee

Integer Overflow or Wraparound vulnerability in RawTherapee rtengine modules. This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11...

8.3 CVSS | 0.00027 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/01/09 8:59 a.m. | 6 views

CVE-2023-50729

Traccar is an open source GPS tracking system. Prior to 5.11, Traccar is affected by an unrestricted file upload vulnerability in File feature allows attackers to execute arbitrary code on the server. This vulnerability is more prevalent because Traccar is recommended to run web servers as root...

9.8 CVSS | 7.9 AI score | 0.0007 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/01/07 9:31 a.m. | 2 views

CVE-2019-16248

The "delete for" feature in Telegram before 5.11 on Android does not delete shared media files from the Telegram Images directory. In other words, there is a potentially misleading UI indication that a sender can remove a recipient's copy of a previously sent image analogous to supported...

5.5 CVSS | 6.7 AI score | 0.00068 EPSS
Exploits 1 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2025-11008

Malicious code in bioql PyPI...

7.5 CVSS | 6.3 AI score | 0.0026 EPSS
Exploits 1 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-30690

Malicious code in bioql PyPI...

6.5 CVSS | 6.5 AI score | 0.00081 EPSS
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-55488

Malicious code in bioql PyPI...

9.8 CVSS | 9.2 AI score | 0.0007 EPSS
Exploits 0 | References 1
CNNVD
added 2025/09/29 12:0 a.m. | 1 views

OmniOs security vulnerability

OmniOs is an operating system from OmniOs Open Source. A security vulnerability exists in OmniOs version v5.11, which stems from the repeated sending of specially crafted TCP packets, which could lead to a denial-of-service attack...

7.5 CVSS | 6.6 AI score | 0.00024 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/09/24 6:30 p.m. | 1 views

CVE-2025-57964

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Stored XSS. This issue affects Library Bookshelves: from n/a through <= 5.11...

6.5 CVSS | 5.9 AI score | 0.00081 EPSS
Exploits 0 | References 1
Patchstack
added 2025/09/22 7:7 p.m. | 3 views

WordPress Library Bookshelves Plugin <= 5.11 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting (XSS) Vulnerability discovered by muhammad yudha in WordPress Plugin Library Bookshelves versions <= 5.11...

6.5 CVSS | 6 AI score | 0.00081 EPSS
Exploits 0 | Affected Software 1
RedhatCVE
added 2025/04/17 11:58 p.m. | 14 views

CVE-2025-32021

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

7.5 CVSS | 7 AI score | 0.0026 EPSS
Exploits 1 | References 1
NVD
added 2025/04/15 9:16 p.m. | 13 views

CVE-2025-32021

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

7.5 CVSS | 0.0026 EPSS
Exploits 1 | References 2
OSV
added 2025/04/15 9:16 p.m. | 9 views

PYSEC-2025-35

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

7.5 CVSS | 6.8 AI score | 0.0026 EPSS
Exploits 1 | References 3
Cvelist
added 2025/04/15 8:39 p.m. | 8 views

CVE-2025-32021 Weblate VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

2.2 CVSS | 0.0026 EPSS
Exploits 1 | References 2
Vulnrichment
added 2025/04/15 8:39 p.m. | 7 views

CVE-2025-32021 Weblate VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

2.2 CVSS | 4.3 AI score | 0.0026 EPSS
Exploits 1 | References 2
CVE
added 2025/04/15 8:39 p.m. | 56 views

CVE-2025-32021

CVE-2025-32021 concerns Weblate before 5.11, where creating a new component from an existing one could leak VCS credentials. If the source repository URL is present in settings, that URL is carried in client URL parameters during creation; credentials such as GitHub PATs and usernames could appea...

7.5 CVSS | 3.8 AI score | 0.0026 EPSS
Exploits 1 | References 2 | Affected Software 1
UbuntuCve
added 2024/03/15 9:15 p.m. | 16 views

CVE-2021-47133

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix memory leak in amdsfhwork Kmemleak tool detected a memory leak in the amdsfh driver. ==================== unreferenced object 0xffff88810228ada0 size 32: comm "insmod", pid 3968, jiffies 4295056001 age 775.792s h...

5.5 CVSS | 5.7 AI score | 0.00017 EPSS
Exploits 0 | References 4
NVD
added 2024/01/15 4:15 p.m. | 8 views

CVE-2023-50729

Traccar is an open source GPS tracking system. Prior to 5.11, Traccar is affected by an unrestricted file upload vulnerability in File feature allows attackers to execute arbitrary code on the server. This vulnerability is more prevalent because Traccar is recommended to run web servers as root...

9.8 CVSS | 9.3 AI score | 0.0007 EPSS
Exploits 0 | References 1
Prion
added 2024/01/15 4:15 p.m. | 19 views

Unrestricted file upload

Traccar is an open source GPS tracking system. Prior to 5.11, Traccar is affected by an unrestricted file upload vulnerability in File feature allows attackers to execute arbitrary code on the server. This vulnerability is more prevalent because Traccar is recommended to run web servers as root...

7.5 CVSS | 8.1 AI score | 0.0007 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2024/01/15 3:57 p.m. | 12 views

CVE-2023-50729 An unrestricted file upload vulnerability in traccar leads to RCE

Traccar is an open source GPS tracking system. Prior to 5.11, Traccar is affected by an unrestricted file upload vulnerability in File feature allows attackers to execute arbitrary code on the server. This vulnerability is more prevalent because Traccar is recommended to run web servers as root...

8.4 CVSS | 9.9 AI score | 0.0007 EPSS
Exploits 0 | References 1
OSV
added 2022/12/08 2:52 a.m. | 12 views

GSD-2022-1007991 netfilter: ipset: enforce documented limit to prevent allocating huge memory

netfilter: ipset: enforce documented limit to prevent allocating huge memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.78 by commit...

7.2 AI score
Exploits 0