π¨ CVE-2025-61583
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A reflected cross-site scripting vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability exists in the error handling mechanism of the login page, where malicious scripts embedded in server hostnames are executed in the victim's browser context without proper sanitization. This issue is fixed in version 2.2.2.
π@cveNotify
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A reflected cross-site scripting vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability exists in the error handling mechanism of the login page, where malicious scripts embedded in server hostnames are executed in the victim's browser context without proper sanitization. This issue is fixed in version 2.2.2.
π@cveNotify
GitHub
fixes unauthenticated denial of service and reflected cross-site scri⦠· joni1802/ts3-manager@3a06991
β¦pting
π¨ CVE-2025-46745
An authenticated user without user-management permissions could view other users account information.
π@cveNotify
An authenticated user without user-management permissions could view other users account information.
π@cveNotify
selinc.com
Login
π¨ CVE-2025-21479
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
π@cveNotify
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
π@cveNotify
π¨ CVE-2025-55621
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social platform on which users expect to find one another.
π@cveNotify
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social platform on which users expect to find one another.
π@cveNotify
relieved-knuckle-264 on Notion
Reolink - Download a profile due to IDOR | Notion
π 1. Reporting information
π₯1
π¨ CVE-2025-11020
An attacker can obtain server information using Path Traversal vulnerability to conduct SQL Injection, which possibly exploits Unrestricted Upload of File with Dangerous Type vulnerability in MarkAny SafePC Enterprise on Windows, Linux.This issue affects SafePC Enterprise: V7.0.* (V7.0.YYYY.MM.DD) before V7.0.1, and V5.*.*.
π@cveNotify
An attacker can obtain server information using Path Traversal vulnerability to conduct SQL Injection, which possibly exploits Unrestricted Upload of File with Dangerous Type vulnerability in MarkAny SafePC Enterprise on Windows, Linux.This issue affects SafePC Enterprise: V7.0.* (V7.0.YYYY.MM.DD) before V7.0.1, and V5.*.*.
π@cveNotify
Markany
κΈ°μ
μ 보 보μ
μΆκ·ΌλΆν° ν΄κ·ΌκΉμ§ λͺ¨λ 보μμ μλν νμ¬ μμ νκ² λ³΄νΈνκ³ μ¬μ©μμ λΆνΈμ μ΅μν ν©λλ€.
π¨ CVE-2025-11182
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code Without Integrity Check vulnerability in GTONE ChangeFlow allows Path Traversal.This issue affects ChangeFlow: All versions to v9.0.1.1.
π@cveNotify
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code Without Integrity Check vulnerability in GTONE ChangeFlow allows Path Traversal.This issue affects ChangeFlow: All versions to v9.0.1.1.
π@cveNotify
π¨ CVE-2025-11221
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through v9.0.1.1.
π@cveNotify
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through v9.0.1.1.
π@cveNotify
π¨ CVE-2025-58775
KV STUDIO and VT5-WX15/WX12 contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
KV STUDIO and VT5-WX15/WX12 contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
jvn.jp
JVNVU#97069449: Multiple vulnerabilities in multiple Keyence products
Japan Vulnerability Notes
π¨ CVE-2025-58776
KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
jvn.jp
JVNVU#97069449: Multiple vulnerabilities in multiple Keyence products
Japan Vulnerability Notes
π¨ CVE-2025-58777
VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
VT Studio versions 8.53 and prior contain an access of uninitialized pointer vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
π@cveNotify
jvn.jp
JVNVU#97069449: Multiple vulnerabilities in multiple Keyence products
Japan Vulnerability Notes
π₯1
π¨ CVE-2025-40645
Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated attacker to obtain sensitive information about customers by sending an HTTP GET request to β/api/reserva/web/clientsβ using the βphoneβ parameter.
π@cveNotify
Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated attacker to obtain sensitive information about customers by sending an HTTP GET request to β/api/reserva/web/clientsβ using the βphoneβ parameter.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in ViDay
INCIBE has coordinated the publication of two vulnerabilities, one high severity and one medium severi
π¨ CVE-2025-40646
Exposure of sensitive information in Viday. This vulnerability could allow an attacker to obtain sensitive information about customers by intercepting HTTP requests and searching for the JWT containing sensitive user information in the JWT payload.
π@cveNotify
Exposure of sensitive information in Viday. This vulnerability could allow an attacker to obtain sensitive information about customers by intercepting HTTP requests and searching for the JWT containing sensitive user information in the JWT payload.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in ViDay
INCIBE has coordinated the publication of two vulnerabilities, one high severity and one medium severi
π¨ CVE-2025-54286
Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.
π@cveNotify
Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.
π@cveNotify
GitHub
CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
### Description
OIDC authentication uses cookies with the SameSite=Strict attribute, preventing cookies from being sent with requests from other sites. Therefore, CSRF does not occur as long as we...
OIDC authentication uses cookies with the SameSite=Strict attribute, preventing cookies from being sent with requests from other sites. Therefore, CSRF does not occur as long as we...
π¨ CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration
permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
π@cveNotify
Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration
permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
π@cveNotify
GitHub
Arbitrary File Read via Template Injection in Snapshot Patterns
### Impact
In LXD's instance snapshot creation functionality, the Pongo2 template engine is used in the `snapshots.pattern` configuration for generating snapshot names. While code execution fu...
In LXD's instance snapshot creation functionality, the Pongo2 template engine is used in the `snapshots.pattern` configuration for generating snapshot names. While code execution fu...
π¨ CVE-2025-54288
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.
π@cveNotify
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.
π@cveNotify
GitHub
Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server
### Impact
In LXD's devLXD server, the source container identification process uses process cmdline (command line) information, allowing attackers to impersonate other containers by spoofing p...
In LXD's devLXD server, the source container identification process uses process cmdline (command line) information, allowing attackers to impersonate other containers by spoofing p...
π¨ CVE-2025-54289
Privilege Escalation in operations API in Canonical LXD 6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
π@cveNotify
Privilege Escalation in operations API in Canonical LXD 6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
π@cveNotify
GitHub
Privilege Escalation via WebSocket Connection Hijacking in Operations API
### Impact
LXD's operations API includes secret values necessary for WebSocket connections when retrieving information about running operations. These secret values are used for authentication...
LXD's operations API includes secret values necessary for WebSocket connections when retrieving information about running operations. These secret values are used for authentication...
π¨ CVE-2025-40989
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_message/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_message/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Creativeitem products
INCIBE has coordinated the publication of 4 vulnerabilities of medium severity, affecting Ekushey CRM
π¨ CVE-2025-40990
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_bug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_bug/create/xxx", affecting to "title" and "description" parameters via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Creativeitem products
INCIBE has coordinated the publication of 4 vulnerabilities of medium severity, affecting Ekushey CRM
π¨ CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_file/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/project_file/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Creativeitem products
INCIBE has coordinated the publication of 4 vulnerabilities of medium severity, affecting Ekushey CRM
π¨ CVE-2025-40992
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/update_profile', affecting to 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/update_profile', affecting to 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal his/her cookie session details.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Creativeitem products
INCIBE has coordinated the publication of 4 vulnerabilities of medium severity, affecting Ekushey CRM
π¨ CVE-2025-54293
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
π@cveNotify
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
π@cveNotify
GitHub
Path Traversal Vulnerability in Instance Log File Retrieval Function
### Impact
Although outside the scope of this penetration test, a path traversal vulnerability exists in the validLogFileName function that validates log file names in lxd/instance_logs.go in the ...
Although outside the scope of this penetration test, a path traversal vulnerability exists in the validLogFileName function that validates log file names in lxd/instance_logs.go in the ...