π¨ CVE-2023-30805
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling of shell meta-characters in the "un" parameter.
π@cveNotify
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling of shell meta-characters in the "un" parameter.
π@cveNotify
π¨ CVE-2024-21908
TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
π@cveNotify
TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
π@cveNotify
GitHub
CVE-2024-21908 - GitHub Advisory Database
Cross-site scripting vulnerability in TinyMCE
π¨ CVE-2024-21910
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
π@cveNotify
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
π@cveNotify
GitHub
CVE-2024-21910 - GitHub Advisory Database
Cross-site scripting vulnerability in TinyMCE plugins
π¨ CVE-2024-53021
Information disclosure may occur while processing goodbye RTCP packet from network.
π@cveNotify
Information disclosure may occur while processing goodbye RTCP packet from network.
π@cveNotify
π¨ CVE-2024-53026
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
π@cveNotify
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
π@cveNotify
π¨ CVE-2025-21463
Transient DOS while processing the EHT operation IE in the received beacon frame.
π@cveNotify
Transient DOS while processing the EHT operation IE in the received beacon frame.
π@cveNotify
π¨ CVE-2025-21464
Information disclosure while reading data from an image using specified offset and size parameters.
π@cveNotify
Information disclosure while reading data from an image using specified offset and size parameters.
π@cveNotify
π¨ CVE-2025-21465
Information disclosure while processing the hash segment in an MBN file.
π@cveNotify
Information disclosure while processing the hash segment in an MBN file.
π@cveNotify
π¨ CVE-2025-21487
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
π@cveNotify
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
π@cveNotify
π¨ CVE-2025-47318
Transient DOS while parsing the EPTM test control message to get the test pattern.
π@cveNotify
Transient DOS while parsing the EPTM test control message to get the test pattern.
π@cveNotify
π¨ CVE-2025-56423
An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages
π@cveNotify
An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages
π@cveNotify
Sec4You-Pentest
OpenAtlas:Schwachstelle User Enumeration CVE-2025-56423
In OpenAtlas < v8.12.0 ist es durch eine Benutzer-Enumeration Schwachstelle mΓΆglich registrierte Benutzer zu evaluieren
π¨ CVE-2025-60914
Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a crafted GET request to the /display_logo endpoint.
π@cveNotify
Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a crafted GET request to the /display_logo endpoint.
π@cveNotify
Sec4You-Pentest
OpenAtlas:Schwachstelle IDOR display_logo CVE-2025-60914
In OpenAtlas <= v8.12.0 am Endpunkt /display_logo/ liefert Dateien aus dem Upload-βLogo-Verzeichnis ohne erforderliche Autorisierung aus - IDOR
π¨ CVE-2025-60915
An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request.
π@cveNotify
An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request.
π@cveNotify
Sec4You-Pentest
OpenAtlas:Schwachstelle LFI display size CVE-2025-60915
In OpenAtlas <= v8.12.0 der Endpunkt /display/production.py ermΓΆglich Authentifizerte Benutzer Lokale System Dateien zu lesen und zu Exfiltrieren
π¨ CVE-2024-53010
Memory corruption may occur while attaching VM when the HLOS retains access to VM.
π@cveNotify
Memory corruption may occur while attaching VM when the HLOS retains access to VM.
π@cveNotify
π¨ CVE-2024-53015
Memory corruption while processing IOCTL command to handle buffers associated with a session.
π@cveNotify
Memory corruption while processing IOCTL command to handle buffers associated with a session.
π@cveNotify
π¨ CVE-2024-53020
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
π@cveNotify
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
π@cveNotify
π¨ CVE-2025-41392
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
π¨ CVE-2025-53705
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
π¨ CVE-2025-46269
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
π@cveNotify
π¨ CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
π@cveNotify
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
π@cveNotify
π¨ CVE-2023-5844
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
π@cveNotify
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
π@cveNotify
GitHub
[Improvement]: Check if new password is NOT the same as the old one w⦠· pimcore/admin-ui-classic-bundle@498ac77
β¦hen resetting (#285)
* add check that new passoword is different than old one
* refactor empty old password check
* add CHANGELOG
* Update CHANGELOG.md
---------
Co-authored-by: Di...
* add check that new passoword is different than old one
* refactor empty old password check
* add CHANGELOG
* Update CHANGELOG.md
---------
Co-authored-by: Di...