8 matches found
CVE-2026-30969
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
Stirling-PDF 代码问题漏洞
Stirling-PDF is a powerful, locally hosted, web-based PDF manipulation tool using Docker, open-sourced by Stirling Tools. A code issue vulnerability exists in Stirling-PDF versions prior to 1.1.0 that stems from a cleaner in the Markdown to PDF feature that can be bypassed, potentially leading to...
PT-2024-40548 · Kanidm · Kanidm
Name of the Vulnerable Software and Affected Versions: kanidm versions prior to 1.1.0rc16git6.e51d0de Description: The issue is related to an administrator-triggered thread crash in oauth2 claim maps. This problem can be triggered by an administrator, leading to a thread crash. There is no...
PT-2023-12769 · Com.Fasterxml · Java-Merge-Sort
Name of the Vulnerable Software and Affected Versions: com.fasterxml.util:java-merge-sort versions prior to 1.1.0 Description: The issue is related to an Insecure Temporary File in the StdTempFileProvider function, located in StdTempFileProvider.java. This function utilizes the permissive...
Apache Sling CMS 跨站脚本漏洞
Apache Sling CMS is a content management system CMS from the Apache Foundation USA. A cross-site scripting vulnerability exists in Apache Sling CMS version 1.1.0 and prior versions, which stems from incorrect neutralization of inputs during web page generation, and could allow an authenticated,...
tiny-csrf 安全漏洞
tiny-csrf is a small csrf library by Vincent Alexander Saulys personal developer. It is intended to replace the work done by csurf before it was removed. A security vulnerability exists in versions of tiny-csrf prior to 1.1.0, which stems from the fact that cookies are not encrypted, and thus CSR...
AZL-8805 CVE-2019-25058 affecting package usbguard for versions less than 1.1.0-1
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future...
nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js
A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...