Description FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0 References
Description Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A
Description trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the
Description Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job
Description Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page.
Description A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization
Description authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2
Description The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES
Description ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack
Description dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed
Description The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL Injection via the
Description iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking
Description Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to
Description A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an
Description A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by
In today’s digital environment, discussions about SaaS data backups often revolve around three important questions. How can we protect data
Description A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions
Description A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz
Description BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the
Description In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection.
Description Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the
Description BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote code execution.
Description An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running
Description D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL.