NA - CVE-2025-25289 - @octokit/request-error is an error class for...
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the...
NA - CVE-2025-25290 - @octokit/request sends parameterized requests...
@octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version 1.0.0 and prior to version 9.2.1, the regular expression `/]+)>;...
NA - CVE-2025-25296 - Label Studio is an open source data labeling...
Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's `/projects/upload-example` endpoint allows injection of arbitrary HTML through a `GET` request with...
NA - CVE-2025-25297 - Label Studio is an open source data labeling...
Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its...
NA - CVE-2025-25304 - Vega is a visualization grammar, a declarative...
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to version 5.26.0 of vega and 5.4.2 of vega-selections, the...
NA - CVE-2022-26083 - Generation of weak initialization vector in an...
Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via...
NA - CVE-2022-28693 - Unprotected alternative channel of return...
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
NA - CVE-2024-31144 - For a brief summary of Xapi terminology, see:...
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about...
NA - CVE-2025-0592 - The vulnerability may allow a remote low...
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the firmware file and uploading it to the device.
NA - CVE-2025-0593 - The vulnerability may allow a remote low...
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device.