Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input. More information : https://github.com/yawkat/lz4-java/releases/tag/v1.8.1
Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue. More information...
Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue. More information : https://lists.apache.org/thread/dlbz5hmm4ts3npzqnvhofxmqg9w9zt0o
Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0. More information : https://gist.github.com/ikpehlivan/4361fa808e04d884e4771be88e891ec2
Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0. More information : https://gist.github.com/ikpehlivan/4361fa808e04d884e4771be88e891ec2
CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0. More information : https://gist.github.com/ikpehlivan/4361fa808e04d884e4771be88e891ec2
File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0. More information : https://gist.github.com/ikpehlivan/4361fa808e04d884e4771be88e891ec2
Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python’s tarfile.extractall() method without the security-critical filter=’data’ parameter. Although...
Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic...
Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. More information : https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A8107&LanguageCode=en&DocumentPartId=&Action=Launch
WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. More information : https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. More information : https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. More information : https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to...