CVE-2025-48949 Navidrome allows SQL Injection via role parameter

Navidrome is an open source web-based music collection server and streamer. Versions 0.55.0 through 0.55.2 have a vulnerability due to improper input validation on the role parameter within the API en ...

Continue Reading

May 30, 2025

CVE-2025-48883

creation_timestamp| type| source ---|---|--- 2025-05-30 19:07:50+00:00| seen|...Read More ...

Continue Reading

May 30, 2025

CVE-2025-48942 vLLM DOS: Remotely kill vllm over http with invalid JSON schema

vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with a invalid json_schema as a Guided Param kil ...

Continue Reading

May 30, 2025

CVE-2025-48938

creation_timestamp| type| source ---|---|--- 2025-05-30 19:08:14+00:00| seen|...Read More ...

Continue Reading

May 30, 2025

CVE-2025-48942

creation_timestamp| type| source ---|---|--- 2025-05-30 19:08:13+00:00| seen|...Read More ...

Continue Reading

May 30, 2025

CVE-2022-29469

creation_timestamp| type| source ---|---|--- 2025-05-30 21:02:20+00:00| seen|...Read More ...

Continue Reading

May 30, 2025

CVE-2025-48944

creation_timestamp| type| source ---|---|--- 2025-05-30 19:07:48+00:00| seen|...Read More ...

Continue Reading

May 30, 2025

Arrow2 allows out of bounds access in public safe API

Rows::row_unchecked() allows out of bounds access to the underlying buffer without sufficient checks. The arrow2 crate is no longer maintained, so there are no plans to fix this issue. Users are advis ...

Continue Reading

May 30, 2025

1 1,260 1,261 1,262 1,263 1,264 9,321

Back to Main
Subscribe for the latest news: