4565 matches found
Paperless-ngx Security Vulnerability
Paperless-ngx is an open-source document management system from paperless-ngx. A security vulnerability exists in Paperless-ngx versions 2.5.0 through 2.8.6, which stems from remote user authentication allowing API access even when API access is explicitly disabled...
PT-2024-4135 · Qlik · Qlik Sense Enterprise For Windows
Name of the Vulnerable Software and Affected Versions: Qlik Sense Enterprise for Windows versions 14.67.7 through 14.187.3 Description: The issue is related to improper validation, allowing a remote attacker to elevate their privilege and execute commands on the server. This can lead to remote co...
article-extract (>=0.1.2 <=0.1.3), ayugespidertools (>=3.4.0 <=3.9.7) +35 more potentially affected by unknown CVE via scrapy (>=1.3.3 <=2.11.1)
scrapy PYPI version =1.3.3, =0.1.2, =3.4.0, =2.8.3, =0.0.1.dev1, =1.2.1.20160901, =0.0.5, =0.3.0a0, =0.0.20, =0.9.3, =0.0.1, =0.0.1, =0.1.2, =1.0.0, =1.1.2.post0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-JM3V-QXMH-HXWV...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7649 more potentially affected by CVE-2024-30171 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2024-30171 Source...
GitLab Security Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (continuous integration and continuous delivery), etc. Git is a free, open source, distributed version control system. A security vulnerability exis...
NocoDB Code Issues Vulnerabilities
NocoDB is an open source Airtable replacement. It converts any MySQL, PostgreSQL, SQL Server, SQLite or MariaDB database into a smart spreadsheet. A security vulnerability exists in NocoDB versions from 0.202.6 to before 0.202.10, which stems from the presence of a stored cross-site scripting vulnerability...
Google Golang Security Vulnerability
Google Golang is a statically and strongly typed, compiled language from Google. Go's syntax is close to that of C, but differs with respect to variable declarations. Go supports garbage collection. Go's parallel model is based on Tony Hoare's Communicating Sequential Processes (CSP), and other languages that...
PT-2024-29467 · Panasonic · Panasonic KW Watcher
Name of the Vulnerable Software and Affected Versions: Panasonic KW Watcher versions 1.00 through 2.83 Description: A buffer error may allow attackers malicious read access to memory. Recommendations: For Panasonic KW Watcher versions 1.00 through 2.83, consider updating to a version that fixes t...
Eclipse Dataspace Components Security Vulnerability
Eclipse Dataspace Components is a development connector for Eclipse Dataspace Components open source. A security vulnerability exists in Eclipse Dataspace Components versions 0.2.1 through 0.6.2. An attacker exploiting this vulnerability could obtain OAuth2 client secrets from the repository...
Suricata Security Vulnerability
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine developed by the Open Information Security Foundation (OISF) and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...
CVE-2023-6363
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...
ARM Valhall GPU Kernel Driver Resource Management Error Vulnerability
ARM Valhall GPU Kernel Driver is a Valhall GPU kernel driver from ARM UK. A security vulnerability exists in ARM Valhall GPU Kernel Driver versions r41p0 through r47p0, Arm 5th Gen GPU Architecture Kernel Driver versions r41p0 through r47p0, which stems from a use-after-free vulnerability in...
ARM Mali GPU Driver Resource Management Error Vulnerability
ARM Mali GPU Driver is a driver from ARM UK for Mali GPU support. A security vulnerability exists in ARM Mali GPU Driver versions r41p0 through r47p0, which stems from a use-after-free vulnerability in the kernel driver that allows an attacker to perform incorrect GPU memory handling operatio...
PT-2024-11986 · IBM · IBM Cognos Controller
Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.4.1 through 11.0.0 Description: The issue allows a remote attacker to obtain sensitive information when a stack trace is returned in the browser. Recommendations: For versions 10.4.1 through 11.0.0, update to...
WordPress Plugin MailerLite Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
Pluto Security Vulnerability
Pluto is a unique language for Lua open-sourced by PlutoLang. It is used for general-purpose programming. A security vulnerability exists in Pluto versions 0.9.0 through 0.9.2, which stems from a vulnerability that allows an attacker to spoof Pluto with a specially crafted certificate for a remot...
IBM Storage Scale Security Vulnerability
IBM Storage Scale is a storage solution from International Business Machines (IBM) designed to help organizations effectively manage and scale storage resources to meet growing data storage needs. A security vulnerability exists in IBM Storage Scale versions 5.1.0.0 through 5.1.9.2. An attacker...
cn.sliew:carp-ageiport-server (>=0.0.10 <=0.0.14), com.abavilla:fpi-bot-api (>=1.8.1 <=1.8.5) +190 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common (>=3.3.0 <=3.6.8)
io.quarkus:quarkus-resteasy-reactive-common MAVEN version =3.3.0, =0.0.10, =1.8.1, =1.8.1, =1.8.6, =1.8.6, =1.9.0, =1.9.0, =1.10.1, =1.10.1, =1.0.29, =1.0.29, =1.6.1, =1.6.1, =1.5.1, =1.5.1, =1.6.0 and more Source cves: CVE-2023-5675 Source advisory: OSV:GHSA-25W4-HFQG-4R52...
UBUNTU-CVE-2024-4006
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions...
MongoDB Compass Security Vulnerability
MongoDB Compass is a free interactive tool from the US-based MongoDB Inc. for querying, optimizing, and analyzing MongoDB data. A security vulnerability exists in MongoDB Compass versions 1.35.0 through 1.40.5, which stems from the possibility that the application may accept and use insufficientl...