Axel PUMA 安全漏洞

Axel PUMA is an FM re-broadcast receiver and IP encoder device from Axel Italy. A security vulnerability exists in Axel PUMA versions 0.8.5 through 1.0.3, which stems from a lack of authentication in the /cgi-bin/gstFcgi.fcgi endpoint, and could lead to a complete crack of the device...

CVE-2025-54368 uv is vulnerable to ZIP payload obfuscation through parsing differentials

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

image_picker_android 安全漏洞

imagepickerandroid is a Flutter package open-sourced by Flutter. A security vulnerability exists in imagepickerandroid versions 0.8.5+6 through 0.8.12+17, which stems from a lack of cleanup checks on filenames, and makes it vulnerable to malicious document providers...

CVE-2022-0664

Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1...

@architect-io/cli (>=0.3.13 <=0.5.2-rc.7), @mishguru/logview-cli (>=4.0.0 <=4.6.0) +8 more potentially affected by CVE-2020-15125 via auth0 (>=0.8.5 <=2.25.1)

auth0 NPM version =0.8.5, =0.3.13, =4.0.0, =0.0.34, =3.1.0, =0.0.0, =0.1.0, =0.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 Source cves: CVE-2020-15125 Source advisory: OSV:GHSA-5JPF-PJ32-XX53...