BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.19, the recording playback (presentation format) was not sanitizing user's input in public chat. This allowed for a malicious actor to craft and carry out a targeted XSS attack, activated on anyone replaying the recordi...
SOGo versions 5.12.7 and prior contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated users to extract arbitrary data from the database by injecting SQL subqueries through the uid parameter of the addUserInAcls endpoint. Attackers can inj...
Unsafe use of Python's eval() on server-received data in the vector_in() function in amazon-redshift-python-driver before 2.1.14 allows a rogue server or man-in-the-middle actor to execute arbitrary code on the client. To remediate this issue, users should upgrade to version 2.1.14.
In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_create_model_downloading_tmp_dir()` function in `mlflow/pyfunc/__init__.py` creates directories with ...
Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application ...
FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected fi...
ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.
ImageMagick: Stack overflow in fx operation
ImageMagick: Use-After-Free in MSL decoder.
ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions
ImageMagick: Policy Bypass in MNG coder could
ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation.
HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint
NiceGUI: Unauthenticated log-volume denial of service in dynamic resource routes
NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI
OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages
OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers