๐จ CVE-2023-20094
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device.
This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information.
Note: This vulnerability only affects Cisco Webex Desk Hub.
There are no workarounds that address this vulnerability.
๐@cveNotify
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device.
This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information.
Note: This vulnerability only affects Cisco Webex Desk Hub.
There are no workarounds that address this vulnerability.
๐@cveNotify
Cisco
Cisco Security Advisory: Cisco TelePresence Collaboration Endpoint and RoomOS Arbitrary File Write Vulnerabilities
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS could allow an attacker to elevate privileges, overwrite arbitrary files, or view sensitive data on an affected device.
For more information about these vulnerabilitiesโฆ
For more information about these vulnerabilitiesโฆ
๐จ CVE-2024-21703
This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations.
This Security Misconfiguration vulnerability, with a CVSS Score of 6.4 allows an authenticated attacker of the Windows host to read sensitive information about the Confluence Data Center configuration which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction.
Atlassian recommends that Confluence Data Center and Server customers upgrade to the latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.18
* Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.5
* Confluence Data Center and Server 8.7: Upgrade to a release greater than or equal to 8.7.2
* Confluence Data Center and Server 8.8: Upgrade to a release greater than or equal to 8.8.0
See the release notes (https://confluence.atlassian.com/conf88/confluence-release-notes-1354501008.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ).
This vulnerability was reported via our Atlassian Bug Bounty Program by Chris Elliot.
๐@cveNotify
This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations.
This Security Misconfiguration vulnerability, with a CVSS Score of 6.4 allows an authenticated attacker of the Windows host to read sensitive information about the Confluence Data Center configuration which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction.
Atlassian recommends that Confluence Data Center and Server customers upgrade to the latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.18
* Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.5
* Confluence Data Center and Server 8.7: Upgrade to a release greater than or equal to 8.7.2
* Confluence Data Center and Server 8.8: Upgrade to a release greater than or equal to 8.8.0
See the release notes (https://confluence.atlassian.com/conf88/confluence-release-notes-1354501008.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ).
This vulnerability was reported via our Atlassian Bug Bounty Program by Chris Elliot.
๐@cveNotify
๐จ CVE-2024-26153
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a "setconf" method request, not requiring any CSRF token,
which can lead into denial of service on the device.
๐@cveNotify
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a "setconf" method request, not requiring any CSRF token,
which can lead into denial of service on the device.
๐@cveNotify
๐จ CVE-2024-5980
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path traversal vulnerabilities. This can result in arbitrary files being written to any directory in the victim's local file system, potentially leading to remote code execution.
๐@cveNotify
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path traversal vulnerabilities. This can result in arbitrary files being written to any directory in the victim's local file system, potentially leading to remote code execution.
๐@cveNotify
๐จ CVE-2024-6038
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filter_history function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history filenames using a regular expression search. Due to the lack of sanitization or validation of the keyword parameter, an attacker can inject a specially crafted regular expression, leading to a denial of service condition. This can cause severe degradation of service performance and potential system unavailability.
๐@cveNotify
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filter_history function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history filenames using a regular expression search. Due to the lack of sanitization or validation of the keyword parameter, an attacker can inject a specially crafted regular expression, leading to a denial of service condition. This can cause severe degradation of service performance and potential system unavailability.
๐@cveNotify
๐จ CVE-2023-20004
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.
Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
๐@cveNotify
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.
Note: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
๐@cveNotify
Cisco
Cisco Security Advisory: Cisco TelePresence Collaboration Endpoint and RoomOS Arbitrary File Write Vulnerabilities
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS could allow an attacker to elevate privileges, overwrite arbitrary files, or view sensitive data on an affected device.
For more information about these vulnerabilitiesโฆ
For more information about these vulnerabilitiesโฆ
๐จ CVE-2023-20090
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
๐@cveNotify
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
๐@cveNotify
Cisco
Cisco Security Advisory: Cisco TelePresence Collaboration Endpoint and RoomOS Arbitrary File Write Vulnerabilities
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS could allow an attacker to elevate privileges, overwrite arbitrary files, or view sensitive data on an affected device.
For more information about these vulnerabilitiesโฆ
For more information about these vulnerabilitiesโฆ
โค1
๐จ CVE-2023-20091
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
๐@cveNotify
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
๐@cveNotify
Cisco
Cisco Security Advisory: Cisco TelePresence Collaboration Endpoint and RoomOS Arbitrary File Write Vulnerabilities
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS could allow an attacker to elevate privileges, overwrite arbitrary files, or view sensitive data on an affected device.
For more information about these vulnerabilitiesโฆ
For more information about these vulnerabilitiesโฆ
๐จ CVE-2024-9500
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.
๐@cveNotify
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.
๐@cveNotify
๐จ CVE-2024-37183
Plain text credentials and session ID can be captured with a network sniffer.
๐@cveNotify
Plain text credentials and session ID can be captured with a network sniffer.
๐@cveNotify
๐จ CVE-2024-32943
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.
๐@cveNotify
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.
๐@cveNotify
๐จ CVE-2024-35246
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.
๐@cveNotify
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.
๐@cveNotify
๐จ CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.
๐@cveNotify
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.
๐@cveNotify
Google Cloud Documentation
Application Integration release notes | Google Cloud Documentation
๐จ CVE-2025-22992
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions.
๐@cveNotify
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions.
๐@cveNotify
GitHub
Vuln Report: SQL Injection Vulnerability in Emoncms ยท Issue #1916 ยท emoncms/emoncms
Issue Description A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project. The vulnerability is caused by improper handling of user-supplied input in the data ...
๐จ CVE-2025-0896
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.
๐@cveNotify
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.
๐@cveNotify
๐จ CVE-2024-4254
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which is unsafe as it allows the running of untrusted code in an environment with access to push to the base repository and access secrets. This flaw could lead to the exfiltration of sensitive secrets such as GITHUB_TOKEN, HF_TOKEN, VERCEL_ORG_ID, VERCEL_PROJECT_ID, COMMENT_TOKEN, AWSACCESSKEYID, AWSSECRETKEY, and VERCEL_TOKEN. The vulnerability is present in the workflow file located at https://github.com/gradio-app/gradio/blob/72f4ca88ab569aae47941b3fb0609e57f2e13a27/.github/workflows/deploy-website.yml.
๐@cveNotify
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which is unsafe as it allows the running of untrusted code in an environment with access to push to the base repository and access secrets. This flaw could lead to the exfiltration of sensitive secrets such as GITHUB_TOKEN, HF_TOKEN, VERCEL_ORG_ID, VERCEL_PROJECT_ID, COMMENT_TOKEN, AWSACCESSKEYID, AWSSECRETKEY, and VERCEL_TOKEN. The vulnerability is present in the workflow file located at https://github.com/gradio-app/gradio/blob/72f4ca88ab569aae47941b3fb0609e57f2e13a27/.github/workflows/deploy-website.yml.
๐@cveNotify
โค1
๐จ CVE-2024-36473
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.
๐@cveNotify
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.
๐@cveNotify
Trendmicro
SECURITY BULLETIN: Arbitrary File Overwrite/Create in Trend Micro VPN
Trend Micro has released a new version of Trend Micro VPN to address a vulnerability that previously allowed local Denial of Service (DoS).
๐จ CVE-2025-8179
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
phpgurukul Local Services Search Engine Management System Project V2.1 /admin/changeimage.php SQL injection ยท Issue #1 ยท yuan-max11/mycve
phpgurukul Local Services Search Engine Management System Project V2.1 /admin/changeimage.php SQL injection NAME OF AFFECTED PRODUCT(S) Local Services Search Engine Management System Vendor Homepag...
๐จ CVE-2018-1273
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
๐@cveNotify
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
๐@cveNotify
โค1
๐จ CVE-2019-0880
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
๐@cveNotify
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
๐@cveNotify
๐จ CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
๐@cveNotify
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
๐@cveNotify