LibreChat 安全漏洞

LibreChat is an enhanced ChatGPT clone by Danny Avila Personal Developer. A security vulnerability exists in LibreChat 0.8.0 and prior versions that stems from insufficient validation of JSON request input, which may result in unintended prompt modifications...

EUVD-2025-28593

Malicious code in bioql PyPI...

Agent Zero 安全漏洞

Agent Zero is an artificial intelligence framework by the individual developer Jan Tomášek. A security vulnerability exists in Agent Zero version v0.8, which stems from improper permissions and could lead to a system reset...

CVE-2025-55523

An issue in the component /api/downloadworkdirfile.py of Agent-Zero v0.8. allows attackers to execute a directory traversal...

CVE-2021-36434

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jojsoncheck function in jocms/apps/mask/inc/getmask.php...

CVE-2019-17493

Jiangnan Online Judge aka jnoj 0.8.0 has XSS via the Problemsampleinput parameter to web/admin/problem/create or web/polygon/problem/update...

CVE-2019-17489

Jiangnan Online Judge aka jnoj 0.8.0 has XSS via the Problemtitle parameter to web/polygon/problem/create or web/polygon/problem/update or web/admin/problem/create...

CVE-2025-39437 WordPress Anthologize plugin <= 0.8.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.3...

CVE-2025-31462 WordPress CGM Event Calendar <= 0.8.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rzfarrell CGM Event Calendar allows Reflected XSS. This issue affects CGM Event Calendar: from n/a through 0.8.5...

WordPress plugin Easy cache 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-32718

Server-Side Request Forgery SSRF vulnerability in Webangon The Pack Elementor.This issue affects The Pack Elementor addons: from n/a through 2.0.8.2...

OPENSUSE-SU-2023:0162-1 Security update for xonotic

This update for xonotic fixes the following issues: Update to version 0.8.6 SECURITY ALERT: A bug was discovered in versions older than 0.8.6 that is believed to be exploitable by malicious server admins to crash clients or, if they defeat mitigations, execute arbitrary code. boo1212632 update to...

AZL-33628 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.17-2

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

Johnson Controls EasyIO CPT Graphics 安全漏洞

Johnson Controls EasyIO CPT Graphics is a built-in graphics feature of an open source software programming tool from Johnson Controls, Inc. It is used to create graphic pages that can be viewed in a Web browser. A security vulnerability exists in Johnson Controls EasyIO CPT Graphics version v0.8...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a heap buffer overflow vulnerability exists in the ODReadUTF8String function in odfcode.c in GPAC version 0.8.0. An attacker could exploit the vulnerability to cause a denial of service via specially crafted...

ezXML out-of-bounds write vulnerability (CNVD-2021-30593)

ezXML is a C library for parsing XML documents . An out-of-bounds write vulnerability exists in libezxml.a in ezXML version 0.8.6. The vulnerability stems from a memory handling error performed by the ezxmlparsestr function when parsing a specially crafted XML file. An attacker could exploit the...

DEBIAN-CVE-2021-26221

The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool...

GPAC Invalid Pointer Dereference Vulnerability (CNVD-2020-19877)

GPAC is a multimedia framework for rich media and distributed under the LGPL license. An invalid pointer dereference vulnerability exists in gflistcount in utils/list.c in libgpac.a in versions of GPAC prior to 0.8.0. An attacker can exploit this vulnerability to cause a denial of service via a...

Jiangnan Online Judge Cross-Site Scripting Vulnerability (CNVD-2019-36852)

Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...

PT-2008-6644 · Projectpier · Projectpier

Name of the Vulnerable Software and Affected Versions: ProjectPier versions 0.8 and earlier Description: A cross-site request forgery issue allows remote attackers to perform actions as an administrator via the query string, such as a delete project action. Recommendations: For ProjectPier versio...