π¨ CVE-2025-54320
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests.
π@cveNotify
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests.
π@cveNotify
GitHub
GitHub - saykino/CVE-2025-54320
Contribute to saykino/CVE-2025-54320 development by creating an account on GitHub.
π¨ CVE-2025-56499
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.
π@cveNotify
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.
π@cveNotify
GitHub
GitHub - Cherrling/CVE-2025-56499
Contribute to Cherrling/CVE-2025-56499 development by creating an account on GitHub.
π¨ CVE-2025-63229
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's browser, potentially stealing sensitive information, hijacking sessions, or performing unauthorized actions.
π@cveNotify
The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's browser, potentially stealing sensitive information, hijacking sessions, or performing unauthorized actions.
π@cveNotify
GitHub
my--cve-vulnerability-research/CVE-2025-63229_Mozart_FM_Transmitter_xss at main Β· shiky8/my--cve-vulnerability-research
This repository contains information on all of the CVEs I found. - shiky8/my--cve-vulnerability-research
π¨ CVE-2024-8527
Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user sessions.
π@cveNotify
Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user sessions.
π@cveNotify
Carrier
Product Security Advisories | Carrier
Products and services manufactured and supported by Carrier are subject to robust secure development and process control requirements that comply with commercially appropriate cybersecurity standards of compliance.
π¨ CVE-2024-8528
Reflected XSS using a specific URL in Automated Logic WebCTRL and Carrier i-VU can allow delivery of malicious payload due to a specific GET parameter not being sanitized.
π@cveNotify
Reflected XSS using a specific URL in Automated Logic WebCTRL and Carrier i-VU can allow delivery of malicious payload due to a specific GET parameter not being sanitized.
π@cveNotify
Carrier
Product Security Advisories | Carrier
Products and services manufactured and supported by Carrier are subject to robust secure development and process control requirements that comply with commercially appropriate cybersecurity standards of compliance.
π¨ CVE-2024-54128
Directus is a real-time API and App dashboard for managing SQL database content. The Comment feature has implemented a filter to prevent users from adding restricted characters, such as HTML tags. However, this filter operates on the client-side, which can be bypassed, making the application vulnerable to HTML Injection. This vulerability is fixed in 10.13.4 and 11.2.0.
π@cveNotify
Directus is a real-time API and App dashboard for managing SQL database content. The Comment feature has implemented a filter to prevent users from adding restricted characters, such as HTML tags. However, this filter operates on the client-side, which can be bypassed, making the application vulnerable to HTML Injection. This vulerability is fixed in 10.13.4 and 11.2.0.
π@cveNotify
GitHub
HTML Injection in Comment
### Summary
The Comment feature has implemented a filter to prevent users from adding restricted characters, such as HTML tags. However, this filter operates on the client-side, which can be bypas...
The Comment feature has implemented a filter to prevent users from adding restricted characters, such as HTML tags. However, this filter operates on the client-side, which can be bypas...
π¨ CVE-2025-56383
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users.
π@cveNotify
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users.
π@cveNotify
GitHub
GitHub - notepad-plus-plus/notepad-plus-plus: Notepad++ official repository
Notepad++ official repository. Contribute to notepad-plus-plus/notepad-plus-plus development by creating an account on GitHub.
π¨ CVE-2025-20289
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
π@cveNotify
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to either disclose sensitive information or conduct a reflected cross-site scripting (XSS) attack.β¦
π¨ CVE-2025-20303
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
π@cveNotify
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to either disclose sensitive information or conduct a reflected cross-site scripting (XSS) attack.β¦
π¨ CVE-2025-20305
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators.
π@cveNotify
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to either disclose sensitive information or conduct a reflected cross-site scripting (XSS) attack.β¦
π¨ CVE-2025-62199
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi() and eval() in the FunctionField.php
π@cveNotify
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi() and eval() in the FunctionField.php
π@cveNotify
GitHub
GitHub - Nxvh1337/CVE-2025-63406-PoC: Small PoC to automate exploitation of CVE-2025-63406.
Small PoC to automate exploitation of CVE-2025-63406. - Nxvh1337/CVE-2025-63406-PoC
π¨ CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
π@cveNotify
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
π@cveNotify
FortiGuard Labs
PSIRT | FortiGuard Labs
None
π¨ CVE-2025-56526
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.
π@cveNotify
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.
π@cveNotify
GitHub
GitHub - Cinnamon/kotaemon: An open-source RAG-based tool for chatting with your documents.
An open-source RAG-based tool for chatting with your documents. - Cinnamon/kotaemon
π¨ CVE-2025-56527
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
π@cveNotify
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
π@cveNotify
GitHub
GitHub - Cinnamon/kotaemon: An open-source RAG-based tool for chatting with your documents.
An open-source RAG-based tool for chatting with your documents. - Cinnamon/kotaemon
π¨ CVE-2025-63693
The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attackers to construct comment content or request parameters and execute arbitrary JavaScript code when the victim opens the editing pop-up.
π@cveNotify
The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attackers to construct comment content or request parameters and execute arbitrary JavaScript code when the victim opens the editing pop-up.
π@cveNotify
GitHub
GitHub - Yohane-Mashiro/dzzoffice_xss: dzzofficeε¨εεxssζΌζ΄
dzzofficeε¨εεxssζΌζ΄. Contribute to Yohane-Mashiro/dzzoffice_xss development by creating an account on GitHub.
π¨ CVE-2025-37161
A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service. Successful exploitation could allow an attacker to crash the system, preventing it from rebooting without manual intervention and disrupting network operations.
π@cveNotify
A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service. Successful exploitation could allow an attacker to crash the system, preventing it from rebooting without manual intervention and disrupting network operations.
π@cveNotify
π¨ CVE-2025-37162
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
π@cveNotify
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
π@cveNotify
π¨ CVE-2025-63216
The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
π@cveNotify
The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
π@cveNotify
GitHub
my--cve-vulnerability-research/CVE-2025-63216_Itel DAB Gateway Authentication Bypass at main Β· shiky8/my--cve-vulnerability-research
This repository contains information on all of the CVEs I found. - shiky8/my--cve-vulnerability-research
π¨ CVE-2025-63217
The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
π@cveNotify
The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
π@cveNotify
GitHub
my--cve-vulnerability-research/CVE-2025-63217 _ Itel DAB MUX Authentication Bypass at main Β· shiky8/my--cve-vulnerability-research
This repository contains information on all of the CVEs I found. - shiky8/my--cve-vulnerability-research
π¨ CVE-2025-65013
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a reflected cross-site scripting (XSS) vulnerability was identified in the LibreNMS application at the /maps/nodeimage endpoint. The Image Name parameter is reflected in the HTTP response without proper output encoding or sanitization, allowing an attacker to craft a URL that, when visited by a victim, causes arbitrary JavaScript execution in the victimβs browser. This issue has been patched in version 25.11.0.
π@cveNotify
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a reflected cross-site scripting (XSS) vulnerability was identified in the LibreNMS application at the /maps/nodeimage endpoint. The Image Name parameter is reflected in the HTTP response without proper output encoding or sanitization, allowing an attacker to craft a URL that, when visited by a victim, causes arbitrary JavaScript execution in the victimβs browser. This issue has been patched in version 25.11.0.
π@cveNotify
GitHub
Cross-Site Scripting (XSS) Reflected endpoint `/maps/nodeimage` parameter `Image Name` - LibreNMS
## Summary
A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the LibreNMS application at the `/maps/nodeimage` endpoint. The `Image Name` parameter is reflected in the HTTP ...
A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the LibreNMS application at the `/maps/nodeimage` endpoint. The `Image Name` parameter is reflected in the HTTP ...