A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload whi...
OpenFGA Improper Policy Enforcement
tract-nnef: integer overflow in NNEF `.dat` tensor parser yields an out-of-bounds read on model load
PGHoard: Password written to debug log
Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID
opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication
Kirby: `pages.access` permission is not checked in the `site/find` REST API route
Kirby: Access to files of top-level drafts is not protected by permissions
Kirby: External Initialization of the Panel on reverse proxy setups with the `Forwarded` header
Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`
Kirby: Request header injection in `Http\Remote`
Kirby: Self cross-site scripting (self-XSS) in the writer field
Kirby: `pages.access` permission is not checked in the pages picker for parent pages
opentelemetry-collector-contrib sentryexporter: Path traversal in Sentry exporter via attacker-controlled service.name reaches privileged Sentry API endpoints with operator bearer token
Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default non-s...
Grav: Stored CSS injection via Markdown image ?style=โฆ reaches MediaObjectTrait::style() โ incomplete patch of GHSA-r7fx-8g49-7hhr
Grav: Admin Backup Zip File Exposes Account Credentials and Configuration Secrets
Podman: WORKDIR symlink traversal vulnerability
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory (use-after-free).
An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpe...