π¨ CVE-2025-9287
Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
π@cveNotify
Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
π@cveNotify
GitHub
[Fix] return valid values on multi-byte-wide TypedArray input by ChALkeR Β· Pull Request #23 Β· browserify/cipher-base
Node.js supports any TypedArray or DataView as input, this lib miscalculated on e.g. Uint16Arrays
This patch fixes that
Uint8Array is checked with typeof in index.js
Support for historic Node.js ve...
This patch fixes that
Uint8Array is checked with typeof in index.js
Support for historic Node.js ve...
π¨ CVE-2025-9288
Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.
π@cveNotify
Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.
π@cveNotify
GitHub
support multi-byte wide typed arrays by ChALkeR Β· Pull Request #78 Β· browserify/sha.js
Same as: browserify/hash-base#19, browserify/cipher-base#23, but retains support for Array and Array-like objects, since this module isn't closely mimicking the Node.js API
For array-likes,...
For array-likes,...
π¨ CVE-2025-4009
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product
features, setup network switching, and register license among other features. The application has been developed in PHP with the webEASY SDK, also named βewbβ by Evertz.
This web interface has two endpoints that are vulnerable to arbitrary command injection (CVE-2025-4009, CVE-2025-10364) and the authentication mechanism has a flaw leading to authentication bypass (CVE-2025-10365).
CVE-2025-4009 covers the command injection in feature-transfer-import.php
CVE-2025-10364 covers the command injection in feature-transfer-export.php
Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
This level of access could lead to serious business impact such as the interruption of media streaming, modification of media being streamed, alteration of closed captions being generated, among others.
π@cveNotify
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product
features, setup network switching, and register license among other features. The application has been developed in PHP with the webEASY SDK, also named βewbβ by Evertz.
This web interface has two endpoints that are vulnerable to arbitrary command injection (CVE-2025-4009, CVE-2025-10364) and the authentication mechanism has a flaw leading to authentication bypass (CVE-2025-10365).
CVE-2025-4009 covers the command injection in feature-transfer-import.php
CVE-2025-10364 covers the command injection in feature-transfer-export.php
Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
This level of access could lead to serious business impact such as the interruption of media streaming, modification of media being streamed, alteration of closed captions being generated, among others.
π@cveNotify
Onekey
Security Advisory: Remote Code Execution on Evertz SDVN (CVE-2025-4009) | ONEKEY Research | Research | ONEKEY
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Evertz SDVN. Learn about the risks and recommended actions.
π¨ CVE-2025-9147
A vulnerability has been found in jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d. The impacted element is an unknown function of the file /index.php. The manipulation of the argument view leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability has been found in jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d. The impacted element is an unknown function of the file /index.php. The manipulation of the argument view leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
π¨ CVE-2025-9176
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
π@cveNotify
A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
π@cveNotify
π¨ CVE-2025-9173
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
# Projectworlds emlog Project V2.5.18 /admin/media.php?action=upload&sid=0 File unrestricted upload Β· Issue #2 Β· lan041221/cvec
Projectworlds emlog Project V2.5.18 /admin/media.php?action=upload&sid=0 File unrestricted upload NAME OF AFFECTED PRODUCT(S) emlog Vendor Homepage emlog.net AFFECTED AND/OR FIXED VERSION(S) su...
β€1
π¨ CVE-2025-50989
OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation results in remote code execution with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations.
π@cveNotify
OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation results in remote code execution with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations.
π@cveNotify
GitHub
proofs/info/OPNsense-25.1-Command-Injection-via-span-parameter.md at main Β· 4rdr/proofs
Contribute to 4rdr/proofs development by creating an account on GitHub.
π¨ CVE-2025-57819
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
π@cveNotify
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
π@cveNotify
FreePBX Community Forums
Security Advisory: Please Lock Down Your Administrator Access
The Sangoma FreePBX Security Team is aware of a potential exploit affecting some systems with the administrator control panel exposed to the public internet. AUG. 28 GOOD NEWS: FIX IS NOW DEPLOYED IN STABLE REPOS FOR AFFECTED SUPPORTED VERSIONS, INCLUDINGβ¦
π¨ CVE-2025-54246
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54247
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54248
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Scope is changed
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Scope is changed
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54249
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54250
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-54252
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. This could result in bypassing security features within the application. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.
π@cveNotify
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. This could result in bypassing security features within the application. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.
π@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Experience Manager | APSB25-90
π¨ CVE-2025-53913
Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
π@cveNotify
Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
π@cveNotify
Fluidattacks
Calix GigaCenter ONT (Quantenna SoC) - Excessive Privileges | Fluid Attacks
CVE-2025-53913: Excessive Privileges in Gigacenters ONT routers allows unauthenticated root access via UART interface (Quantenna SoC).
π¨ CVE-2025-53914
Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
π@cveNotify
Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
π@cveNotify
Fluidattacks
Calix GigaCenter ONT (Broadcom SoC) - Excessive Privileges | Fluid Attacks
CVE-2025-53914: Excessive Privileges in Gigacenters ONT routers allows unauthenticated root access via UART interface (Broadcom SoC)
π¨ CVE-2025-7635
Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE.
π@cveNotify
Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE.
π@cveNotify
Fluidattacks
Calix GigaCenter ONT - Unauthenticated Telnet | Fluid Attacks
CVE-2025-7635: Unauthenticated Telnet Access in Calix Gigacenter ONT routers grants administrative access.
β€1
π¨ CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions
granted by the user to the main application bundle. An attacker with local user access can
invoke this interpreter with arbitrary commands or scripts, leveraging the
application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent.
This issue has been fixed in 3.1.4.2 version of GIMP.
π@cveNotify
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions
granted by the user to the main application bundle. An attacker with local user access can
invoke this interpreter with arbitrary commands or scripts, leveraging the
application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent.
This issue has been fixed in 3.1.4.2 version of GIMP.
π@cveNotify
cert.pl
TCC Bypass vulnerabilities in six applications for MacOS
TCC Bypass vulnerabilities has been found in GIMP (CVE-2025-8672), Mosh-Pro (CVE-2025-53811), Cursor (CVE-2025-9190), MacVim (CVE-2025-8597), Nozbe (CVE-2025-53813) and Invoice Ninja (CVE-2025-8700) applications for MacOS.
π¨ CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component.
π@cveNotify
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component.
π@cveNotify
π¨ CVE-2025-9146
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
IOT_Firmware_Update/Linksys/E5600.md at main Β· IOTRes/IOT_Firmware_Update
Contribute to IOTRes/IOT_Firmware_Update development by creating an account on GitHub.