| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. |
| Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTemplates). Any request with a Authorization: Bearer nothing token can leak sensitive template content, including embedded Secret manifests. This vulnerability is fixed in 4.0.2 and 3.7.11. |
| A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wx_weimai/controller/admin/Admin_AdminUserController.java. Performing a manipulation of the argument keyword results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet. |
| External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access. |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain conditions could have allowed an authenticated user to cause a denial of service due to improper handling of webhook response data. |
| The grafanacubism-panel plugin allows use of cubism.js in Grafana. In 0.1.2 and earlier, the panel's zoom-link handler passes a dashboard-editor-supplied URL directly to window.location.assign() / window.open() with no scheme validation. An attacker with dashboard Editor privileges can set the link to a javascript: URI; when any Viewer drag-zooms on the panel, the payload executes in the Grafana origin. |
| An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username. |
| GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to access Virtual Registry data in groups where they are not members due to improper authorization under certain conditions. |
| In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled |
| Vociferous provides cross-platform, offline speech-to-text with local AI refinement. Prior to 4.4.2, the vulnerability exists in src/api/system.py within the export_file route. The application accepts a JSON payload containing a filename and content. While the developer intended for a native UI dialog to handle the file path, the API does not validate the filename string before it is processed by the backends filesystem logic. Because the API is unauthenticated and the CORS configuration in app.py is overly permissive (allow_origins=["*"] or allowing localhost), an external attacker can bypass the UI entirely. By using directory traversal sequences (../), an attacker can force the app to write arbitrary data to any location accessible by the current user's permissions. This vulnerability is fixed in 4.4.2. |
| Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO (UserInfo endpoint).
We recommend upgrading to versions 2026.01.4 (or 5.26.22) where the issue is fixed. |
| Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. In devalue v5.6.3 and earlier, devalue.parse and devalue.unflatten were susceptible to prototype pollution via maliciously crafted payloads. Successful exploitation could lead to Denial of Service (DoS) or type confusion. This vulnerability is fixed in 5.6.4. |
| SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to execute code on the device with router privileges. |
| Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. This vulnerability is fixed in 3.0.0. |
| SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition. |
| Calling NSS-backed functions that support caching via nscd may call the
nscd client side code and in the GNU C Library version 2.36 under high
load on x86_64 systems, the client may call memcmp on inputs that are
concurrently modified by other processes or threads and crash.
The nscd client in the GNU C Library uses the memcmp function with
inputs that may be concurrently modified by another thread, potentially
resulting in spurious cache misses, which in itself is not a security
issue. However in the GNU C Library version 2.36 an optimized
implementation of memcmp was introduced for x86_64 which could crash
when invoked with such undefined behaviour, turning this into a
potential crash of the nscd client and the application that uses it.
This implementation was backported to the 2.35 branch, making the nscd
client in that branch vulnerable as well. Subsequently, the fix for
this issue was backported to all vulnerable branches in the GNU C
Library repository.
It is advised that distributions that may have cherry-picked the memcpy
SSE2 optimization in their copy of the GNU C Library, also apply the fix
to avoid the potential crash in the nscd client. |
| Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. |
| A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used. |
| Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. |
| Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not possible under standard network conditions due to HTTPS with proper TLS certificate validation; however, environments with TLS-intercepting proxies (common in corporate networks), compromised certificate authorities, or other trust boundary violations are at risk. When processing HTTP responses during notarization, Quill reads the entire response body into memory without any size limit. An attacker who can control or modify the response content can return an arbitrarily large payload, causing the Quill client to run out of memory and crash. The impact is limited to availability; there is no effect on confidentiality or integrity. Both the Quill CLI and library are affected when used to perform notarization operations. This vulnerability is fixed in 0.7.1. |
