5 matches found
CVE-2025-66415
CVE-2025-66415 affects the Fastify plugin @fastify/reply-from . Affected versions allow bypassing route restrictions by crafting a malicious URL, enabling access to routes that should be disallowed when using reply.from. The vulnerability is described across multiple sources as a bypass of reply ...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Updated to 12.5.2: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
CVE-2025-48054 Radashi Vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...
Zoho Corporation ManageEngine OPManager 跨站脚本漏洞
Zoho Corporation ManageEngine OpManager is a comprehensive network monitoring software from Zoho Corporation, USA. It is used to manage routers, firewalls, servers, switches and printers. A cross-site scripting vulnerability exists in ManageEngine OPManager =12.5.174, which stems from an API key...
SUSE-SU-2020:3463-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Upgrade to version 12.5: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694, bsc1178667: a Fix usage of complex...