CVE-2026-45043

RustFS vulnerability CVE-2026-45043: prior to 1.0.0-beta.2, improper validation in PUT /rustfs/admin/v3/import-iam lets a user with ImportIAMAction create service accounts under arbitrary parents, including minioadmin, by submitting attacker-controlled parent, claims, accessKey and secretKey. Thi...

LibreChat 代码问题漏洞

LibreChat is an enhanced ChatGPT clone by Danny Avila Personal Developer. A code issue vulnerability exists in versions prior to LibreChat 0.8.1-rc2 that stems from a server-side request forgery in the Actions feature, which could lead to server impersonation...

CVE-2025-59989

CVE-2025-59989 affects Juniper Networks Junos Space prior to version 24.1R4. The issue is an Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) on the Device Discovery page, allowing an attacker to inject script tags which, when viewed by another user, can execute ...

PT-2023-22203 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: XWiki versions prior to 14.9-rc-1 Description: The issue arises from the lack of checks on the author of a JavaScript xobject or StyleSheet xobject added to a XWiki document. This allowed a user with only Edit Right to create such an object a...

CVE-2018-16268

The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based...

UBUNTU-CVE-2016-2519

ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service ntpd abort by a large request data value, which triggers the ctlgetitem function to return a NULL value...