38460 matches found
CVE-2026-28674
Product/Context: xiaoheiFS (self-hosted financial/operational system). Vulnerability: In versions ≤ 0.3.15, the AdminPaymentPluginUpload endpoint allows admins to upload any file to plugins/payment/ with only a hardcoded password (qweasd123456) and disregards file content. A background watcher (S...
SUSE CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
ONNX 安全漏洞
ONNX Open Neural Network Exchange is an open standard for machine learning interoperability, developed under the ONNX open source framework. Versions of ONNX prior to 1.20.1 contain security vulnerabilities. These vulnerabilities stem from improper logic in the repository trust verification...
PT-2026-26022
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpgmza custom js’ parameter in all versions up to, and including, 10.0.05 due to insufficient input sanitization and output escaping and missing capability check in the 'admin post...
Parse Server 安全漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.6.0-alpha.17 and 8.6.42. These vulnerabilities stemmed from the ability to override fields...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. OpenEMR versions 8.0.0 and earlier have security...
DiceBear 安全漏洞
DiceBear is an open-source library for generating random avatars. Versions of DiceBear prior to 9.4.0 contained a security vulnerability. This vulnerability stemmed from the ensureSize function, which read the width and height properties from the input SVG to determine the output canvas size. Thi...
PT-2026-26167
Kan is an open-source project management tool. In versions 0.5.4 and below, the /api/download/attatchment endpoint has no authentication and no URL validation. The Attachment Download endpoint accepts a user-supplied URL query parameter and passes it directly to fetch server-side, and returns the...
PT-2026-26058
🚨 CVE-2026-25449: WordPress Traveler theme 3.2.8... PHP object injection in WordPress Traveler theme with 9.8 CVSS and zero auth requirements - RCE goldmine for mass WordP... https://t.co/VFpIhT0XqE netsec vulnerability CVE sysadmin zeroday...
music-metadata 安全漏洞
music-metadata is an audio file metadata extraction library developed by Borewit’s individual developers. Versions of music-metadata prior to 11.12.3 contained a security vulnerability. This vulnerability stemmed from the ASF parser improperly handling objects with an objectSize of 0, which could...
Linux Distros Unpatched Vulnerability : CVE-2026-28500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass...
Linux Distros Unpatched Vulnerability : CVE-2025-71267
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unvalidated divisor. This vulnerability may lead to zero-division errors and kernel crashes...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ATTRLIST attribute of zero size, potentially triggering an infinite loop and leading to a...
CVE-2026-25937 GLPI has a MFA bypass
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue...
CVE-2026-25937 GLPI has a MFA bypass
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue...
CVE-2026-25937 GLPI has a MFA bypass
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue...
CVE-2026-25936
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue...
Infinite loop
Overview music-metadata is a Music metadata parser for Node.js, supporting virtual any audio and tag format. Affected versions of this package are vulnerable to Infinite loop through the parseExtensionObject process in the ASF parser when handling a sub-object with objectSize = 0. An attacker can...
music-metadata has an infinite loop vulnerability in ASF parser
Summary music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore-24 moves the read position...