Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu fw-food-menu allows Using Malicious Files.This issue affects FW Food Menu : from n/a through <= 6.0.0.

Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0.

A path traversal vulnerability exists in the file dropoff functionality of ZendTo versions 6.15-7 and prior. This could allow a remote, authenticated attacker to retrieve the files of other ZendTo users, retrieve files on the host system, or cause a denial of service.

conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. Prior to version 2025.3.24, the conda_forge_webservice Docker container executes commands without specifying a user. By default, Docker containers run as the root user, which increases the risk of privile…

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server