| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 326177 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-07-07 | CVE-2025-53532 | cve | giscus is a commenting system powered by GitHub Discussions. A bug in giscus' discussions creation API allowed an unauthorized user to create discussions on any repository ... |
| 7.3 | 2025-07-07 | CVE-2025-7136 | cve | A vulnerability, which was classified as critical, was found in Campcodes Online Recruitment Management System 1.0. Affected is an unknown function of the file /admin/view_vacan... |
| 6.3 | 2025-07-07 | CVE-2025-7137 | cve | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/schedule-staff.... |
| N/A | 2025-07-07 | CVE-2024-43334 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavias Halpes allows Reflected XSS.This issue affects Halpes: fro... |
| N/A | 2025-07-07 | CVE-2025-3044 | cve | A vulnerability in the ArxivReader class of the run-llama/llama_index repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for dow... |
| N/A | 2025-07-07 | CVE-2025-3046 | cve | A vulnerability in the `ObsidianReader` class of the run-llama/llama_index repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The `O... |
| N/A | 2025-07-07 | CVE-2025-3225 | cve | An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llama_index repository, specifically affe... |
| N/A | 2025-07-07 | CVE-2025-3262 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due ... |
| N/A | 2025-07-07 | CVE-2025-3263 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_configuration_file()` function wit... |
| N/A | 2025-07-07 | CVE-2025-3264 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_imports()` function within `dynami... |
| N/A | 2025-07-07 | CVE-2025-3466 | cve | langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability ... |
| N/A | 2025-07-07 | CVE-2025-3467 | cve | An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrato... |
| 9.1 | 2025-07-07 | CVE-2025-3626 | cve | A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injec... |
| 6.8 | 2025-07-07 | CVE-2025-3705 | cve | A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command ('OS Command In... |
| N/A | 2025-07-07 | CVE-2025-3777 | cve | Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the `image_utils.py` file. The vulnerability arises from insecure U... |
| N/A | 2025-07-07 | CVE-2025-4779 | cve | lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into the `v1/runs/inge... |
| N/A | 2025-07-07 | CVE-2025-5472 | cve | The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to tri... |
| N/A | 2025-07-07 | CVE-2025-6210 | cve | A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits... |
| N/A | 2025-07-07 | CVE-2025-6386 | cve | The parisneo/lollms repository is affected by a timing attack vulnerability in the `authenticate_user` function within the `lollms_authentication.py` file. This vulnerability al... |
| 7.3 | 2025-07-07 | CVE-2025-7122 | cve | A vulnerability was found in Campcodes Complaint Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. T... |
| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 326177 |
