EUVD-2026-20156

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ameliabooking Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through = 2.1.1...

CVE-2026-32515

Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.1.2...

CVE-2025-64645

IBM Concert 1.0.0 through 2.1.0 could allow a local user to escalate their privileges due to a race condition of a symbolic link...

CVE-2025-64323

kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate data, backend...

ImageSharp 安全漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API open-sourced by Six Labors. A security vulnerability exists in ImageSharp versions prior to 2.1.11 and 3.0.0 through 3.1.10, which stems from the possibility of entering an infinite loop when processing specially...

PT-2025-6964 · Disqus · Disqus Popular Posts

Name of the Vulnerable Software and Affected Versions: Disqus Popular Posts versions through 2.1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Reflected XSS. This means an attacker can trick a user into performing unintended actions on a web application...

IBM Planning Analytics 代码问题漏洞

IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines IBM. The solution supports automated execution of processes such as business planning, budgeting, and analysis. A code issue vulnerability exists in IBM Planning Analytics versions 2.0...

CVE-2024-49635

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Manzurul Haque Banner Slider allows Reflected XSS.This issue affects Banner Slider: from n/a through 2.1...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29548 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29548 Source advisory: OSV:GHSA-P45V-V4PW-77JR...

Johnson Controls Metasys Reporting Engine Web Services Path Traversal Vulnerability

Johnson Controls Metasys Reporting Engine Web Services is a system hardware from Johnson Controls USA. Providing this web controller uses the latest developments in information technology to ensure that Metasys systems easily integrate and connect to expanding browsers and remote operation center...

Micro Focus SUSE open build service unauthorized source access vulnerability

Micro Focus SUSE open build service OBS is a software distribution system from Micro Focus UK. The system builds and distributes software packages from source code in an automated, consistent and repeatable manner. A security vulnerability exists in Micro Focus SUSE OBS versions 2.1 through 2.1.1...