|
851
|
- |
|
-
|
-
|
NiceGUI is an easy-to-use, Python-based UI framework. Prior to 2.9.1, authenticating with NiceGUI logged in the user for all browsers, including browsers in incognito mode. This vulnerability is fixe…
|
CWE-287
Improper Authentication
|
CVE-2025-21618
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
852
|
- |
|
-
|
-
|
AAT (Another Activity Tracker) is a GPS-tracking application for tracking sportive activities, with emphasis on cycling. Versions lower than v1.26 of AAT are vulnerable to data exfiltration from mali…
|
CWE-200
Information Exposure
|
CVE-2025-21615
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
853
|
- |
|
-
|
-
|
go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an att…
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2025-21614
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
854
|
- |
|
-
|
-
|
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vuln…
|
CWE-88
Argument Injection
|
CVE-2025-21613
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
855
|
- |
|
-
|
-
|
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the to_lowercase, to_uppercase, strip_whi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-55605
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
856
|
3.1 |
LOW
Network
|
-
|
-
|
IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrar…
|
CWE-80
Basic XSS
|
CVE-2024-51472
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
857
|
- |
|
-
|
-
|
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing mal…
|
-
|
CVE-2023-6605
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
858
|
- |
|
-
|
-
|
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbi…
|
-
|
CVE-2023-6604
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
859
|
- |
|
-
|
-
|
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file e…
|
-
|
CVE-2023-6601
|
2025-01-7 02:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
860
|
8.8 |
HIGH
Network
|
-
|
-
|
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions from 1.23.8 to 1.24.11 via deserialization of untrusted input in the 'recursiv…
|
-
|
CVE-2024-10957
|
2025-01-7 02:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
