EUVD-2022-6439

Malicious code in bioql PyPI...

BIT-LIBPHP-2022-31628 phar wrapper can occur dos when using quine gzip file

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...

CVE-2025-54780 glpi-screenshot-plugin exposes local files in /ajax/screenshot.php

The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. In versions below 2.0.2, authenticated user can use the /ajax/screenshot.php endpoint to leak files from the system or use PHP wrappers. This is fixed in version 2.0.2...

Server-side Request Forgery (SSRF)

Overview agpt is an An open-source attempt to make GPT-4 autonomous Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the requests wrapper. An attacker can manipulate the request process to access unauthorized data or interact with internal services by...

UBUNTU-CVE-2023-35169

PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code executio...

podman: Security regression of CVE-2020-8945 due to source code management issue

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...

CVE-2000-0037

Technical details for CVE-2000-0037 are not publicly provided in the connected documents; only the high-level description is available. Monitor for updates.