6.5
CVE-2025-1521 - PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists witβ¦
8.0
CVE-2025-1520 - PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the iβ¦
8.8
CVE-2025-1050 - Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability
Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing ofβ¦
8.8
CVE-2025-1049 - Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the procesβ¦
8.8
CVE-2025-1048 - Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exisβ¦
7.8
CVE-2025-1047 - Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must vβ¦
7.8
CVE-2025-1046 - Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious β¦
7.8
CVE-2025-1045 - Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabiliβ¦
Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the targβ¦
6.5
CVE-2024-47829 - pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect pβ¦
pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name /node_β¦
7.5
CVE-2025-21605 - Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output β¦