🚨 CVE-2024-53010
Memory corruption may occur while attaching VM when the HLOS retains access to VM.
🎖@cveNotify
Memory corruption may occur while attaching VM when the HLOS retains access to VM.
🎖@cveNotify
🚨 CVE-2024-53015
Memory corruption while processing IOCTL command to handle buffers associated with a session.
🎖@cveNotify
Memory corruption while processing IOCTL command to handle buffers associated with a session.
🎖@cveNotify
🚨 CVE-2024-53020
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
🎖@cveNotify
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
🎖@cveNotify
🚨 CVE-2025-41392
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
🚨 CVE-2025-53705
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
🚨 CVE-2025-46269
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
🎖@cveNotify
🚨 CVE-2018-11802
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
🎖@cveNotify
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
🎖@cveNotify
🚨 CVE-2023-5844
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
🎖@cveNotify
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
🎖@cveNotify
GitHub
[Improvement]: Check if new password is NOT the same as the old one w… · pimcore/admin-ui-classic-bundle@498ac77
…hen resetting (#285)
* add check that new passoword is different than old one
* refactor empty old password check
* add CHANGELOG
* Update CHANGELOG.md
---------
Co-authored-by: Di...
* add check that new passoword is different than old one
* refactor empty old password check
* add CHANGELOG
* Update CHANGELOG.md
---------
Co-authored-by: Di...
🚨 CVE-2024-23681
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
GitHub
GHSA-98hq-4wmw-98w9 - GitHub Advisory Database
Arbitrary code execution in de.tum.in.ase:artemis-java-test-sandbox
🚨 CVE-2024-23682
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
GitHub
GHSA-227w-wv4j-67h4 - GitHub Advisory Database
Class Loading Vulnerability in Artemis
🚨 CVE-2024-23683
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
🎖@cveNotify
GitHub
GHSA-883x-6fch-6wjx - GitHub Advisory Database
Trust Boundary Violation due to Incomplete Blacklist in Test Failure Processing in Ares
🚨 CVE-2018-25120
D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a command injection vulnerability in the Mail Test functionality. The web maintenance script posts to the internal goForm endpoint '/goform/Mail_Test' and uses several form parameters directly in a call to a system email utility without proper input validation. An unauthenticated remote attacker can supply crafted form data that injects shell commands, resulting in execution as root on the device. NOTE: The DNS-343 product line has been declared end-of-life.
🎖@cveNotify
D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a command injection vulnerability in the Mail Test functionality. The web maintenance script posts to the internal goForm endpoint '/goform/Mail_Test' and uses several form parameters directly in a call to a system email utility without proper input validation. An unauthenticated remote attacker can supply crafted form data that injects shell commands, resulting in execution as root on the device. NOTE: The DNS-343 product line has been declared end-of-life.
🎖@cveNotify
GitHub
advisories/[GTSA-00128] D-Link DNS-343 ShareCenter 1.05 Remote Root.txt at master · jamesbercegay/advisories
Security Advisories. Contribute to jamesbercegay/advisories development by creating an account on GitHub.
🔥1
🚨 CVE-2025-12969
Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.
🎖@cveNotify
Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.
🎖@cveNotify
fluentbit.io
Security Vulnerabilities Addressed in Fluent Bit v4.1 and Backported to v4.0
Summary of security issues reported and remediated in Fluent Bit v4.2, v4.1.1, and v4.0.14, including path traversal, stack buffer overflow, and authentication bypass fixes.
🚨 CVE-2025-12970
The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary code execution.
🎖@cveNotify
The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary code execution.
🎖@cveNotify
fluentbit.io
Security Vulnerabilities Addressed in Fluent Bit v4.1 and Backported to v4.0
Summary of security issues reported and remediated in Fluent Bit v4.2, v4.1.1, and v4.0.14, including path traversal, stack buffer overflow, and authentication bypass fixes.
🚨 CVE-2025-12972
Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.
🎖@cveNotify
Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.
🎖@cveNotify
fluentbit.io
Security Vulnerabilities Addressed in Fluent Bit v4.1 and Backported to v4.0
Summary of security issues reported and remediated in Fluent Bit v4.2, v4.1.1, and v4.0.14, including path traversal, stack buffer overflow, and authentication bypass fixes.
🚨 CVE-2025-12977
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. An attacker with network access or the ability to write records into Splunk or Elasticsearch can supply tag_key values containing special characters such as newlines or ../ that are treated as valid tags. Because tags influence routing and some outputs derive filenames or contents from tags, this can allow newline injection, path traversal, forged record injection, or log misrouting, impacting data integrity and log routing.
🎖@cveNotify
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. An attacker with network access or the ability to write records into Splunk or Elasticsearch can supply tag_key values containing special characters such as newlines or ../ that are treated as valid tags. Because tags influence routing and some outputs derive filenames or contents from tags, this can allow newline injection, path traversal, forged record injection, or log misrouting, impacting data integrity and log routing.
🎖@cveNotify
fluentbit.io
Security Vulnerabilities Addressed in Fluent Bit v4.1 and Backported to v4.0
Summary of security issues reported and remediated in Fluent Bit v4.2, v4.1.1, and v4.0.14, including path traversal, stack buffer overflow, and authentication bypass fixes.
🚨 CVE-2021-26829
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.
🎖@cveNotify
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm.
🎖@cveNotify
ScadaBR
[REPORT] Falhas de segurança em versões do ScadaBR
Boa noite, Sou pesquisador de segurança da informação e estou abrindo esse tópico com intuito de obter um contato para que eu possa reportar falhas de segurança crítica em versões distinta do ScadaBR. Busquei o contato dos responsáveis/desenvolvedores do…
🚨 CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
🎖@cveNotify
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
🎖@cveNotify
🚨 CVE-2025-40934
XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted.
An attacker can remove the signature from the XML document to make it pass the verification check.
XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should return an error message. The affected versions return true when attempting to validate an XML file that contains no signatures.
🎖@cveNotify
XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted.
An attacker can remove the signature from the XML document to make it pass the verification check.
XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should return an error message. The affected versions return true when attempting to validate an XML file that contains no signatures.
🎖@cveNotify
GitHub
An unsigned XML should fail verification · Issue #63 · perl-net-saml2/perl-XML-Sig
An unsigned XML should fail verification However, running the code below prints "Signature valid.". use XML::Sig; my $cert_text = '-----BEGIN CERTIFICATE----- MIIC4jCCAcoCCQC33wnybT5Q...
🚨 CVE-2025-13683
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.
🎖@cveNotify
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.
🎖@cveNotify
Devolutions
advisories
Stay informed with Devolutions' latest security advisories on vulnerabilities, threats, and incident responses to enhance your cybersecurity posture.
🚨 CVE-2024-11831
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
🎖@cveNotify
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
🎖@cveNotify