STIGQter 路径遍历漏洞

STIGQter is a compliance checklist generation and reporting tool developed by Jon Hood. Versions of STIGQter from 0.1.2 to 1.2.7 contained a path traversal vulnerability. This vulnerability occurred when processing malicious.stigqter files, allowing attackers to execute local code during the user...

CVE-2026-25731 Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection SSTI vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...

Malicious code in unix-web-export-key-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d60838cb059ad234ae83460587017a2a0124557f3c34684256b7ffcf37b12d3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175816

Malicious code in unix-web-export-key-data npm...

UBUNTU-CVE-2021-36401

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk...

Skype v8.x - History Export v7 Web Vulnerability

Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...