AI-Infra-Guard 访问控制错误漏洞

AI-Infra-Guard is an open-source AI security risk detection and red-team testing platform developed by Tencent. Version 4.0 of AI-Infra-Guard contains a access control vulnerability, which stems from incorrect handling of the file common/websocket/taskmanager.go, potentially leading to informatio...

EUVD-2025-17796

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-17281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and...

CVE-2025-22254

An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...

PT-2025-24714 · Fortinet +1 · Fortiproxy +3

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.6.0 through 7.6.1 Fortinet FortiOS versions 7.4.0 through 7.4.6 Fortinet FortiOS versions 7.2.0 through 7.2.10 Fortinet FortiOS versions 7.0.0 through 7.0.16 Fortinet FortiOS version before 6.4.15 FortiProxy versio...

Fortinet FortiWeb Privilege escalation in GUI websocket module (FG-IR-25-006)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-006 advisory. - An Improper Privilege Management vulnerability CWE-269 affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through...

Fortinet Fortigate Privilege escalation in GUI websocket module (FG-IR-25-006)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-006 advisory. - An Improper Privilege Management vulnerability CWE-269 affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 throug...

ws module remote memory leak vulnerability

The ws module is a Node.js WebSocket server implementation. A security vulnerability exists in the ping function in versions of the ws module prior to 1.0.0. An attacker can exploit this vulnerability to cause ws to send the contents of a buffer that has been allocated for use to the server,...

UBUNTU-CVE-2016-10518

A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...