Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command injection through the appName parameter. Three chained issues cause this problem: inadequate input sanitization, lack of schema validation, and direct shell interpolation. User-controlled application ...
FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected fi...
ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.
ImageMagick: Stack overflow in fx operation
ImageMagick: Use-After-Free in MSL decoder.
ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion
ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions
ImageMagick: Policy Bypass in MNG coder could
ImageMagick: Heap Buffer Over-Read of 4 bytes in distort operation.
HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint
NiceGUI: Unauthenticated log-volume denial of service in dynamic resource routes
NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI
OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages
OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
OpenTelemetry eBPF Instrumentation: CappedConcurrentHashMap leaks keys after removals
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version ch...
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcript_path value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a pe...
Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values, allowing attackers to inject arbitrary ANSI codes into terminal sessions. Attackers can embe...