GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

GHSA-7mr7-4f54-vcx5: HTTP Client uses incorrect token after refresh

GHSA-hfq9-hggm-c56q: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

GHSA-3m9x-2qfj-xvq4: PHPExcel XXE Vulnerability

GHSA-q78v-cv36-8fxj: Devtron has SQL Injection in CreateUser API

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.

**ntlk unsafe deserialization vulnerability**

High severity GitHub Reviewed Published Jun 28, 2024 to the GitHub Advisory Database • Updated Jun 28, 2024

Headline

GHSA-cgvx-9447-vcch: ntlk unsafe deserialization vulnerability

ghsa: Latest News