DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must o...

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. Versions prior to master-584-0a7ae07 are vulnerable to an out-of-bounds reads error through PyTorch checkpoint pickle opcode parsing. The pickle .ckpt pars...

Deno: Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)

Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions

Deno: Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checks

Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access

Deno: WebSocket API sandbox bypass via missing post-DNS check

Deno: `fetch()` API sandbox bypass via missing DNS resolution check

n8n: Merge Node SQL Mode Prototype Pollution

n8n: Prototype Pollution enables confused-deputy execution via public webhooks

n8n: Missing Token Validation on Microsoft Agent 365 Trigger and Stripe Nodes

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes

n8n: Git Node Clone and Push Operations Bypass File Sandbox

Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read

Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint

PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser.

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution.

Zephyr's IPv6 Neighbor Discovery send paths (net_ipv6_send_na, net_ipv6_send_ns, net_ipv6_send_rs in subsys/net/ip/ipv6_nbr.c) updated the per-interface ICMP-sent statistics by calling net_pkt_iface(pkt) after net_send_data(pkt) had already returned successfully. On the success path the network...

In Zephyr's native IPv4 stack, icmpv4_handle_echo_request() in subsys/net/ip/icmpv4.c builds an echo-reply packet (reply), hands it to net_try_send_data(), and then, on success, calls net_stats_update_icmp_sent(net_pkt_iface(reply)). net_try_send_data() transfers ownership of reply to the TX pa...