102 matches found
Gradio security vulnerability
Gradio is an open-source Python library developed by Google. It provides a user-friendly web interface for demonstrating machine learning models. Prior to version 6.15.0, Gradio had a security vulnerability. This vulnerability stemmed from the use of shared module-level HTTP clients, which allowe...
EUVD-2001-1142
Malware in sbrugna...
EUVD-2021-2612
Malware in sbrugna...
EUVD-2021-33480
Malicious code in bioql PyPI...
CVE-2025-40645 Exposure of sensitive information in Viday
Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated attacker to obtain sensitive information about customers by sending an HTTP GET request to “/api/reserva/web/clients” using the “phone” parameter...
DEBIAN-CVE-2024-11831
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by...
Important: Red Hat Security Advisory: squid:4 security update
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CLSA-2024-1730369054 squid: Fix of CVE-2023-5824
CVE-2023-5824: Fix improper handling of structural elements to prevent DoS attacks against HTTP and HTTPS clients...
apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory...
Fedora: Security Advisory (FEDORA-2024-8ca9261bdd)
The remote host is missing an update for the...
GO-2024-2795 Mattermost crashes web clients via a malformed custom status in github.com/mattermost/mattermost-server
Mattermost crashes web clients via a malformed custom status in github.com/mattermost/mattermost-server...
Fedora: Security Advisory for squid (FEDORA-2024-a414a81d47)
The remote host is missing an update for the...
Improper Check For Unusual Or Exceptional Conditions
Mattermost Server is vulnerable to Improper Check for Unusual or Exceptional Conditions. The vulnerability is caused by inadequate validation of custom status values in the user properties within user.go. This allows an attacker to crash users' web clients by submitting malformed custom status...
CVE-2024-4182
A flaw was found in Mattermost, where it fails to handle JSON parsing errors in custom status values. This flaw allows an authenticated attacker to crash other users' web clients via a malformed custom status...
GHSA-8F99-G2PJ-X8W3 Mattermost crashes web clients via a malformed custom status
Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authenticated attacker to crash other users' web clients via a malformed custom status...
CVE-2024-4182
Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authenticated attacker to crash other users' web clients via a malformed custom status...
CVE-2024-4182
CVE-2024-4182 affects Mattermost server: versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values. This allows an authenticated attacker to crash other users’ web clients by submitting a malformed custom status. The...