🚨 CVE-2024-25724
In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak sensitive information, or crash the service. These attacks could be done via a remote malicious RTPS message; a compromised call with malicious parameters to the RTI_RoutingService_new, rti::recording::Service, RTI_QueuingService_new, or RTI_CDS_Service_new public APIs; or a compromised local file system containing a malicious XML file.
🎖@cveNotify
In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak sensitive information, or crash the service. These attacks could be done via a remote malicious RTPS message; a compromised call with malicious parameters to the RTI_RoutingService_new, rti::recording::Service, RTI_QueuingService_new, or RTI_CDS_Service_new public APIs; or a compromised local file system containing a malicious XML file.
🎖@cveNotify
🚨 CVE-2024-45844
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
BIG-IP monitors vulnerability CVE-2024-45844
Security Advisory Description BIG-IP monitor functionality may allow an authenticated attacker with at least Manager role privileges to elevate their privileges and/or modify the configuration. (CVE-2024-45844) Impact This vulnerability may allow an authenticated…
🚨 CVE-2025-0401
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
1 · Issue #1 · 1902756969/reggie
技术栈:redis+mysql+springboot+mybatispuls+thymeleaf 瑞吉外卖(补充完善版) 后台系统 功能:员工管理、菜品分类、菜品管理、套餐管理、订单明细、订单派送、订单查询 移动端 个人中心(退出登录、最新订单查询、历史订单、地址管理-修改地址、地址管理-删除地址) 购物车(删除购物车中的商品) - 1 · Issue #1 · 1902756969/reggie
🚨 CVE-2025-0402
A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
2 · Issue #2 · 1902756969/reggie
技术栈:redis+mysql+springboot+mybatispuls+thymeleaf 瑞吉外卖(补充完善版) 后台系统 功能:员工管理、菜品分类、菜品管理、套餐管理、订单明细、订单派送、订单查询 移动端 个人中心(退出登录、最新订单查询、历史订单、地址管理-修改地址、地址管理-删除地址) 购物车(删除购物车中的商品) - 2 · Issue #2 · 1902756969/reggie
🚨 CVE-2025-0403
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
3 · Issue #3 · 1902756969/reggie
技术栈:redis+mysql+springboot+mybatispuls+thymeleaf 瑞吉外卖(补充完善版) 后台系统 功能:员工管理、菜品分类、菜品管理、套餐管理、订单明细、订单派送、订单查询 移动端 个人中心(退出登录、最新订单查询、历史订单、地址管理-修改地址、地址管理-删除地址) 购物车(删除购物车中的商品) - 3 · Issue #3 · 1902756969/reggie
🚨 CVE-2022-49189
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
The display pixel clock has a requirement on certain newer platforms to
support M/N as (2/3) and the final D value calculated results in
underflow errors.
As the current implementation does not check for D value is within
the accepted range for a given M & N value. Update the logic to
calculate the final D value based on the range.
🎖@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
The display pixel clock has a requirement on certain newer platforms to
support M/N as (2/3) and the final D value calculated results in
underflow errors.
As the current implementation does not check for D value is within
the accepted range for a given M & N value. Update the logic to
calculate the final D value based on the range.
🎖@cveNotify
🚨 CVE-2022-48503
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
🎖@cveNotify
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
🎖@cveNotify
Apple Support
About the security content of watchOS 8.7
This document describes the security content of watchOS 8.7.
🚨 CVE-2025-33073
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
🎖@cveNotify
🚨 CVE-2025-61884
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
🎖@cveNotify
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
🎖@cveNotify
Oracle
Oracle for Developers | Programming Languages, Tools, Community
Developer tools and resource for modern cloud application development using Java, databases, microservices, containers, and open source programming languages and technologies.
🚨 CVE-2025-6026
An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data.
🎖@cveNotify
An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data.
🎖@cveNotify
🚨 CVE-2025-62583
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.
🎖@cveNotify
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.
🎖@cveNotify
🚨 CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.
🎖@cveNotify
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.
🎖@cveNotify
🚨 CVE-2025-62585
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.
🎖@cveNotify
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.
🎖@cveNotify
🚨 CVE-2025-41018
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in '/public.php'.
🎖@cveNotify
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in '/public.php'.
🎖@cveNotify
www.incibe.es
Multiple vulnerabilities in Sergestec products
INCIBE has coordinated the publication of four vulnerabilities, two critical, one high severity and on
🚨 CVE-2025-41020
Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data belonging to other customers through the 'id' parameter in '/admin/ticket_a4.php'.
🎖@cveNotify
Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data belonging to other customers through the 'id' parameter in '/admin/ticket_a4.php'.
🎖@cveNotify
www.incibe.es
Multiple vulnerabilities in Sergestec products
INCIBE has coordinated the publication of four vulnerabilities, two critical, one high severity and on
🚨 CVE-2025-41021
Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=product_update'. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
🎖@cveNotify
Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=product_update'. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
🎖@cveNotify
www.incibe.es
Multiple vulnerabilities in Sergestec products
INCIBE has coordinated the publication of four vulnerabilities, two critical, one high severity and on
🔥1
🚨 CVE-2025-31138
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where user-controlled inputs for element dimensions (width and height) were not properly validated. This allowed an attacker with direct access to the site's source code or a CMS plugin to set values like 100%;height:100%;position:fixed;, potentially covering the entire viewport and facilitating clickjacking attacks. An attacker with high privileges could exploit this vulnerability to overlay malicious UI elements on top of legitimate content, trick users into interacting with hidden elements (clickjacking), or disrupt the intended functionality and accessibility of the website. This vulnerability is fixed in 1.20.1.
🎖@cveNotify
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where user-controlled inputs for element dimensions (width and height) were not properly validated. This allowed an attacker with direct access to the site's source code or a CMS plugin to set values like 100%;height:100%;position:fixed;, potentially covering the entire viewport and facilitating clickjacking attacks. An attacker with high privileges could exploit this vulnerability to overlay malicious UI elements on top of legitimate content, trick users into interacting with hidden elements (clickjacking), or disrupt the intended functionality and accessibility of the website. This vulnerability is fixed in 1.20.1.
🎖@cveNotify
GitHub
Security: Make sure width and height are integer #1313 · AmauriC/tarteaucitron.js@25fcf82
Get a compliant and accessible cookie banner. Contribute to AmauriC/tarteaucitron.js development by creating an account on GitHub.
🚨 CVE-2024-45038
Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability.
🎖@cveNotify
Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It's strongly suggested that all users of Meshtastic, particularly those that connect to a privately hosted MQTT server, update to this or a more recent stable version right away. There are no known workarounds for this vulnerability.
🎖@cveNotify
GitHub
Device crash via malformed MQTT packet when downlink is enabled
### Summary
We are disclosing CVE-2024-45038, a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It'...
We are disclosing CVE-2024-45038, a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the Meshtastic firmware and on the Meshtastic public MQTT Broker. It'...
🚨 CVE-2024-47079
Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid. This issue has been addressed in release version 2.5.1. All users are advised to upgrade. There are no known workarounds for this vulnerability.
🎖@cveNotify
Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid. This issue has been addressed in release version 2.5.1. All users are advised to upgrade. There are no known workarounds for this vulnerability.
🎖@cveNotify
GitHub
Unauthorized usage of remote hardware module because of missing channel verification
### Summary
The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid.
The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid.
🚨 CVE-2025-31475
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code or a CMS plugin to manipulate JavaScript object prototypes, leading to potential security risks such as data corruption or unintended code execution. An attacker with high privileges could exploit this vulnerability to modify object prototypes, affecting core JavaScript behavior, cause application crashes or unexpected behavior, or potentially introduce further security vulnerabilities depending on the application's architecture. This vulnerability is fixed in 1.20.1.
🎖@cveNotify
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code or a CMS plugin to manipulate JavaScript object prototypes, leading to potential security risks such as data corruption or unintended code execution. An attacker with high privileges could exploit this vulnerability to modify object prototypes, affecting core JavaScript behavior, cause application crashes or unexpected behavior, or potentially introduce further security vulnerabilities depending on the application's architecture. This vulnerability is fixed in 1.20.1.
🎖@cveNotify
GitHub
Potential fix for code scanning alert no. 130: Prototype-polluting fu… · AmauriC/tarteaucitron.js@74c354c
…nction
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
🚨 CVE-2025-4638
A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary (PCL). This issue may allow context-dependent attackers to cause undefined behavior by exploiting improper pointer arithmetic.
Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.
🎖@cveNotify
A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary (PCL). This issue may allow context-dependent attackers to cause undefined behavior by exploiting improper pointer arithmetic.
Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.
🎖@cveNotify
GitHub
pcl/surface/CMakeLists.txt at master · PointCloudLibrary/pcl
Point Cloud Library (PCL). Contribute to PointCloudLibrary/pcl development by creating an account on GitHub.