๐จ CVE-2025-4649
Improper Handling of Exceptional Conditions vulnerability in Centreon web allows Privilege Escalation.
ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs.
This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.
๐@cveNotify
Improper Handling of Exceptional Conditions vulnerability in Centreon web allows Privilege Escalation.
ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs.
This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.
๐@cveNotify
GitHub
Releases ยท centreon/centreon
Centreon is a network, system and application monitoring tool. Centreon is the only AIOps Platform Providing Holistic Visibility to Complex IT Workflows from Cloud to Edge. - centreon/centreon
๐จ CVE-2025-5745
The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.
๐@cveNotify
The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.
๐@cveNotify
๐จ CVE-2025-47730
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
๐@cveNotify
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
๐@cveNotify
Ars Technica
Signal clone used by Trump official stops operations after report it was hacked
Mike Waltz needs to find a new app.
๐จ CVE-2025-48930
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues.
๐@cveNotify
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues.
๐@cveNotify
WIRED
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.
๐จ CVE-2025-61996
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
๐จ CVE-2025-61997
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
๐จ CVE-2025-61998
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content as a URL within the Technical Support Hyperlink Manager. Injected content is executed in the context of other users when they click the malicious link. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content as a URL within the Technical Support Hyperlink Manager. Injected content is executed in the context of other users when they click the malicious link. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
๐จ CVE-2025-61999
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data.
๐@cveNotify
๐จ CVE-2024-32499
Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.
๐@cveNotify
Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.
๐@cveNotify
Code-White
CODE WHITE | Public Vulnerability List
Public list of vulnerabilities, found by CODE WHITE
๐จ CVE-2025-48925
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential.
๐@cveNotify
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential.
๐@cveNotify
WIRED
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.
๐จ CVE-2025-48926
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.
๐@cveNotify
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.
๐@cveNotify
WIRED
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.
๐จ CVE-2025-48929
The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary.
๐@cveNotify
The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary.
๐@cveNotify
WIRED
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
The company behind the Signal clone used by at least one Trump administration official was breached earlier this month. The hacker says they got in thanks to a basic misconfiguration.
๐จ CVE-2025-25732
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password hashes stored in the EEPROM with hashes of their own, leading to the escalation of privileges to root.
๐@cveNotify
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password hashes stored in the EEPROM with hashes of their own, leading to the escalation of privileges to root.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-922: Insecure Storage of Sensitive Information (4.19.1)
CWE-922: Insecure Storage of Sensitive Information (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-25733
Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the device.
๐@cveNotify
Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the device.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-25734
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process.
๐@cveNotify
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-25735
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with software running on the system to modify SPI flash in real-time.
๐@cveNotify
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with software running on the system to modify SPI flash in real-time.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection (4.18)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-25736
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb) and enabled by default, allowing unauthenticated root shell access to the cellular modem via the default 'kapsch' user.
๐@cveNotify
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb) and enabled by default, allowing unauthenticated root shell access to the cellular modem via the default 'kapsch' user.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-306: Missing Authentication for Critical Function (4.19.1)
CWE-306: Missing Authentication for Critical Function (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-25737
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack.
๐@cveNotify
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-521: Weak Password Requirements (4.19.1)
CWE-521: Weak Password Requirements (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2025-35053
Newforma Info Exchange (NIX) accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges.
In Newforma before 2023.1, anonymous access is enabled by default (CVE-2025-35062), allowing an otherwise unauthenticated attacker to effectively authenticate as 'anonymous' and exploit this file upload vulnerability.
๐@cveNotify
Newforma Info Exchange (NIX) accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges.
In Newforma before 2023.1, anonymous access is enabled by default (CVE-2025-35062), allowing an otherwise unauthenticated attacker to effectively authenticate as 'anonymous' and exploit this file upload vulnerability.
๐@cveNotify
๐จ CVE-2025-56588
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.
๐@cveNotify
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.
๐@cveNotify
๐จ CVE-2025-23355
NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
๐@cveNotify
NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
๐@cveNotify