AutoGPT 资源管理错误漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. In versions 0.4.2 to 0.6.51 of AutoGPT, there was a resource management vulnerability. This vulnerability occurred because the downloadagentfile endpoint created temporary files without...

CVE-2025-48364

Server-Side Request Forgery SSRF vulnerability in vEnCa-X rajce rajce allows Server Side Request Forgery.This issue affects rajce: from n/a through = 0.4.2...

loona 安全漏洞

loona is an open source library from bearcove. A security vulnerability exists in loona version 0.4.2 and earlier, which stems from the presence of a mishandling exception that results in an attack on all users attempting to decode untrusted input using the decoder...

@cloudnexa/vnoc-bedrock (>=0.3.27 <=1.0.2), @oguennec/remotedev-server (=0.8.4) +46 more potentially affected by CVE-2020-28442 via js-data (>=0.4.2 <=3.0.0-rc.5)

js-data NPM version =0.4.2, =0.3.27, =1.0.2, =1.0.0, =0.2.5, =1.0.0, =2.0.1, =1.1.1, =1.0.0, =0.0.2, =0.4.2, =0.4.2, =2.2.4 and more Source cves: CVE-2020-28442 Source advisory: OSV:GHSA-MQGV-67VX-G4M5...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 08cms (=1.0.0) +17682 more potentially affected by CVE-2022-25758 via scss-tokenizer (>=0.1.2 <=0.4.2)

scss-tokenizer NPM version =0.1.2, =1.0.1, =1.0.4, =1.0.3, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =0.1.276 - 5coder-pages =0.2.0 and more Source cves: CVE-2022-25758 Source advisory: SNYK:JS-SCSSTOKENIZER-2339884...

GHSA-663J-RJCR-789F CSV injection in shuup

“Shuup” application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injection” vulnerability. A customer can inject payloads in the name input field in the billing address while buying a product. When a store administrator accesses the reports page to export the data as an Excel file and...