CVE-2025-51479

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/ma ...

CVE-2025-51471

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW- ...

CVE-2025-51464

Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims' browsers via malicious Python code submitted to the /api/reports endpoint, which is ...

Updated qtbase6 & qtbase5 packages fix security vulnerability

An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed d ...

CVE-2025-51859

creation_timestamp | type | source
---|---|---
2025-07-22 17:06:15+00:00 | seen | ...

CVE-2025-51865

creation_timestamp | type | source
---|---|---
2025-07-22 17:03:45+00:00 | seen | ...
