🚨 CVE-2024-53376
CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI.
🎖@cveNotify
GitHub - ThottySploity/CVE-2024-53376: CyberPanel authenticated RCE < 2.3.8
🚨 CVE-2024-56112
CyberPanel (aka Cyber Panel) before f0cf648 allows XSS via token or username to plogical/phpmyadminsignin.php.
🎖@cveNotify
🚨 CVE-2024-51111
Cross-Site Scripting (XSS) vulnerability in Pnetlab 5.3.11 allows an attacker to inject malicious scripts into a web page, which are executed in the context of the victim's browser.
🎖@cveNotify
🚨 CVE-2024-51112
Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script.
🎖@cveNotify
🚨 CVE-2024-55529
Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zb_users\theme\shell\template.
🎖@cveNotify
GitHub - fengyijiu520/Z-Blog-: Z-Blog backend file upload vulnerability
🚨 CVE-2025-38352
In the Linux kernel, the following vulnerability has been resolved:
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand().
If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail.
Add the tsk->exit_state check into run_posix_cpu_timers() to fix this.
This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.
🎖@cveNotify
🚨 CVE-2025-53690
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Code Injection. This issue affects Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.
🎖@cveNotify
ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690) | Google Cloud Blog
An active ViewState deserialization attack affecting Sitecore products, where attackers achieved remote code execution.
🚨 CVE-2025-48543
In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
🎖@cveNotify
🚨 CVE-2025-9375
XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: 0.14.2.
🎖@cveNotify
xmltodict 0.14.2 - XML Injection | Fluid Attacks
CVE-2025-9375: XML injection vulnerability in xmltodict 0.14.2 allows attackers to inject malicious XML markup via crafted dictionary keys.
🚨 CVE-2025-7445
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs.
🎖@cveNotify
CVE-2025-7445: secrets-store-sync-controller discloses service account tokens in logs · Issue #133897 · kubernetes/kubernetes
A security issue was discovered in secrets-store-sync-controller where an actor with access to the controller logs could observe service account tokens. These tokens could then potentially be excha...
🚨 CVE-2025-9990
The WordPress Helpdesk Integration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.8.10 via the portal_type parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
🎖@cveNotify
🚨 CVE-2025-8684
The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the theme's shortcodes in all versions up to, and including, 3.20.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
🎖@cveNotify
🚨 CVE-2025-58401
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store the GitHub API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked GitHub account.
🎖@cveNotify
Release 1.1.7 · Pierrad/obsidian-github-copilot
What's new
Added a warning in Copilot Chat settings to prevent user from sharing secure-credentials.dat personal file.
🚨 CVE-2025-41408
Improper authorization in the handler for a custom URL scheme in the "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.
🎖@cveNotify
JVN#35290164: "Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly
Japan Vulnerability Notes
🚨 CVE-2025-55037
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construct messages from external sources.
🎖@cveNotify
Release v1.0.22 · kujirahand/tkeasygui-python
The pip command can be used to install the latest version.
pip install -U TkEasyGUI
Change Logs:
Added a size property to popup_xxx #116
Fixed popup_xxx so that icon can be used #116
Made popup_memo resizable #117
popup_listboxをリサ...
🚨 CVE-2025-55671
Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.
🎖@cveNotify
Release v1.0.22 · kujirahand/tkeasygui-python
The pip command can be used to install the latest version.
pip install -U TkEasyGUI
Change Logs:
Added a size property to popup_xxx #116
Fixed popup_xxx so that icon can be used #116
Made popup_memo resizable #117
popup_listboxをリサ...
🚨 CVE-2025-58400
RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.
🎖@cveNotify
JVN#98737186: RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path
Japan Vulnerability Notes
🚨 CVE-2025-8944
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handlers, allowing any authenticated user, such as a subscriber, to update the darkMod setting.
🎖@cveNotify
OceanWP < 4.1.2 - Subscriber+ Limited Option Update
🚨 CVE-2024-7697
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.
🎖@cveNotify
TECNO Security Response Center | TECNO Phone
🚨 CVE-2024-11206
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to the leakage of user information.
🎖@cveNotify
TECNO Security Response Center | TECNO Phone
🚨 CVE-2024-12603
A logic vulnerability in the mobile application (com.transsion.applock) can lead to bypassing the application password.
🎖@cveNotify
TECNO Security Response Center | TECNO Phone