5 matches found
CVE-2026-41073 RT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar apps
RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...
PowerDNS Recursor Security Vulnerability
PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor versions 5.0.10, 5.1.4, and 5.2.2 and above, which stems from the fact that spoofing attempts for ECS-enabled queries have a higher chance of...
PYSEC-2024-157
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
at.porscheinformatik.tapestry:tapestry-csrf-protection (>=2.0.0.RELEASE <=3.0.1.RELEASE), br.com.arsmachina:tapestry-url-rewriter (>=1.0.1 <=2.0.0) +133 more potentially affected by CVE-2022-31781 via org.apache.tapestry:tapestry-core (>=5.0.10 <=5.8.1)
org.apache.tapestry:tapestry-core MAVEN version =5.0.10, =2.0.0.RELEASE, =1.0.1, =0.9.11, =0.9.13, =1.0.4, =0.1.1, =0.8.6, =0.8.6, =0.9, =1.3, =3.0, =0.8.9, =1.3, =0.8.9, =0.9-obsolete and more Source cves: CVE-2022-31781 Source advisory: OSV:GHSA-227G-7CVV-6FF3...
FortiManager Command Injection Vulnerability
Fortinet FortiManager VM is a centralized network security management platform for virtual machines. FortiManager versions 5.2.1 and earlier, 5.0.10 and earlier, have a command injection vulnerability in the implementation that can be exploited by an attacker to run system commands while executin...