Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH. Open OnDemand versions 4.0.8 and 3.1.16 have bee
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory.
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of
Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, users can craft a "Time of Check to Time of Use" (TOCTOU) attack when downloading zip files to access files outside of t
Open OnDemand is an open-source HPC portal. Prior to versions 3.1.15 and 4.0.7, noVNC interactive applications did not correctly rotate the password when TurboVNC was higher than version 3.1.2. The li
Open OnDemand provides remote web access to supercomputers. In versions 4.0.8 and prior, the Apache proxy allows sensitive headers to be passed to origin servers. This means malicious users can create
OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /op
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web se
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, an authenticated attacker can inject malicious JavaScript into their Open XDMoD user profile and abuse
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request
HP System Event Utility and Omen Gaming Hub might allow execution of
certain files outside of their restricted paths. This
potential vulnerability was remediated with HP System
Event
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org
OpenProject is an open-source, web-based project management software. Prior to 17.2.0, an authenticated project member with BCF import permissions can upload a crafted .bcf archive where the
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scena
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scena
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scena
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scena
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
Page 1+ Next →