In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and version…

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a…

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information di…

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS a…

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated…

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file:…

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Exec…

PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) A…

PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and…

TrueConf Client downloads application update code and applies it without performing verificatio…

Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a r…

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Adv…

ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability du…

playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Che…

Fides is an open-source privacy engineering platform. `fides.js`, a client-side script used to …

In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to in…

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user…

Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity v…

MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution th…

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malici…

A download of code without integrity check vulnerability in the "execute restore src-vis" comma…

n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution v…

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin se…

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not hav…

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signat…

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusi…

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which uncond…

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_rem…

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows (64-bit) a…

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbit…