... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services.... weiterlesen

Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded... weiterlesen

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for... weiterlesen

fof/byobu is a private discussions extension for Flarum forum. Affected versions were found to not respect private discussion disablement by users. Users... weiterlesen

Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory... weiterlesen

... weiterlesen

Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to... weiterlesen

OpenZeppelin Contracts is a library for secure smart contract development. This issue concerns instances of Governor that use the module `GovernorVotesQuorumFraction`,... weiterlesen

OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 `supportsInterface` query can cause unbounded... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace.... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace.... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace.... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace.... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace.... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl... weiterlesen

OpenZeppelin Contracts is a library for secure smart contract development. Contracts using the cross chain utilities for Arbitrum L2, `CrossChainEnabledArbitrumL2`... weiterlesen

Discourse is the an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been... weiterlesen

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users... weiterlesen

An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and... weiterlesen

PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability... weiterlesen

Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient escaping of white space when interpolating... weiterlesen

Discourse is the an open source discussion platform. In affected versions a maliciously crafted request for static assets could cause error responses to... weiterlesen

The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause... weiterlesen

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert... weiterlesen

DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace.... weiterlesen

NextAuth.js is a complete open source authentication solution for Next.js applications. An information disclosure vulnerability in `next-auth` before `v4.10.2`... weiterlesen

mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the `Hide... weiterlesen

... weiterlesen

CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side... weiterlesen

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This... weiterlesen

eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without... weiterlesen

Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by... weiterlesen

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user... weiterlesen

Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users’... weiterlesen

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module.... weiterlesen

laminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications... weiterlesen

... weiterlesen

IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM X-Force ID:... weiterlesen

IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from... weiterlesen

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote... weiterlesen

IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending... weiterlesen

IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct... weiterlesen

Entry in order to delete this sub-profile, you must first create an account. then you need to find the user id and master id of the account that you will... weiterlesen

... weiterlesen

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly... weiterlesen

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution... weiterlesen

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution... weiterlesen

... weiterlesen

NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting... weiterlesen

... weiterlesen

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <=... weiterlesen

... weiterlesen

... weiterlesen

File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources,... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In httpclient, there is a possible out of bounds write due to uninitialized data. This could lead to remote escalation of privilege with no additional... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

... weiterlesen

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify... weiterlesen

In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege... weiterlesen

In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution... weiterlesen

In emi mpu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution... weiterlesen

In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution... weiterlesen

A vulnerability has been found in Tor Browser up to 0.4.7.7 and classified as problematic. Affected by this vulnerability is an unknown functionality... weiterlesen

A vulnerability, which was classified as critical, was found in Nexans FTTO GigaSwitch. Affected is an unknown function of the file libnx_apl.so of the... weiterlesen

A vulnerability, which was classified as problematic, has been found in SoftGuard Web up to 5.1.4. This issue affects some unknown processing. The manipulation... weiterlesen

A vulnerability classified as problematic was found in Gentics CMS up to 5.43.0. This vulnerability affects unknown code. The manipulation of the argument... weiterlesen

A vulnerability classified as critical has been found in Pexip Infinity up to 27.1. This affects an unknown part of the component Conference Join Handler.... weiterlesen

A vulnerability was found in Infiray IRAY-A8Z3 1.0.957. It has been rated as critical. Affected by this issue is some unknown functionality of the file... weiterlesen

A vulnerability was found in Unit4 Teta Mobile Edition up to 29.5.HF16. It has been declared as critical. Affected by this vulnerability is an unknown... weiterlesen