π¨ CVE-2025-14306
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions. https://robo-code.blogspot.com/
π@cveNotify
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions. https://robo-code.blogspot.com/
π@cveNotify
GitHub
Fix for Directory Traversal Vulnerability in recursivelyDelete Method by simei2k Β· Pull Request #67 Β· robo-code/robocode
Description:
This PR fixes a critical path traversal vulnerability in the recursivelyDelete method that could potentially allow deletion of files outside the intended base directory.
This issue, or...
This PR fixes a critical path traversal vulnerability in the recursivelyDelete method that could potentially allow deletion of files outside the intended base directory.
This issue, or...
π¨ CVE-2025-14307
An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files. This vulnerability can be exploited by manipulating the temporary file creation process, leading to potential unauthorized actions.
π@cveNotify
An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files. This vulnerability can be exploited by manipulating the temporary file creation process, leading to potential unauthorized actions.
π@cveNotify
GitHub
Fix for Insecure Temporary File Creation by simei2k Β· Pull Request #68 Β· robo-code/robocode
The current implementation of createTempFile() has a security vulnerability related to privilege management. File operations should run with controlled privileges using Java's AccessControl...
π¨ CVE-2025-14308
An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of data being written, allowing attackers to cause an overflow, potentially leading to buffer overflows and arbitrary code execution. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the data length, leading to potential unauthorized code execution.
π@cveNotify
An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of data being written, allowing attackers to cause an overflow, potentially leading to buffer overflows and arbitrary code execution. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the data length, leading to potential unauthorized code execution.
π@cveNotify
GitHub
Fix Integer Overflow Vulnerability in Buffer Write Method by simei2k Β· Pull Request #70 Β· robo-code/robocode
Description
This pull request addresses a security vulnerability in the write() method that could lead to potential buffer overflow attacks through integer overflow in array bounds checking.
The or...
This pull request addresses a security vulnerability in the write() method that could lead to potential buffer overflow attacks through integer overflow in array bounds checking.
The or...
π₯1
π¨ CVE-2025-68668
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. This issue has been patched in version 2.0.0. Workarounds for this issue involve disabling the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]", disabling Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0, and configuring n8n to use the task runner based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
π@cveNotify
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. This issue has been patched in version 2.0.0. Workarounds for this issue involve disabling the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]", disabling Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0, and configuring n8n to use the task runner based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
π@cveNotify
GitHub
Arbitrary Command Execution in Pyodide based Python Code Node
### Impact
A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide.
An authenticated user with permission to create or modify workflows can exploit this vulnerability to...
A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide.
An authenticated user with permission to create or modify workflows can exploit this vulnerability to...
π₯1
π¨ CVE-2025-66723
inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.
π@cveNotify
inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.
π@cveNotify
GitHub
GitHub - audiopump/cve-2025-66723: CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network filesβ¦
CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files to external parties - audiopump/cve-2025-66723
π¨ CVE-2025-14124
The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
π@cveNotify
The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
π@cveNotify
WPScan
Team < 5.0.11 - Unauthenticated SQLi
See details on Team < 5.0.11 - Unauthenticated SQLi CVE 2025-14124. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2025-9543
The FlexTable WordPress plugin before 3.19.2 does not sanitise and escape the imported links from Google Sheet cells, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
π@cveNotify
The FlexTable WordPress plugin before 3.19.2 does not sanitise and escape the imported links from Google Sheet cells, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
π@cveNotify
WPScan
FlexTable Google Sheets Connector < 3.19.2 - Admin+ Stored XSS
See details on FlexTable Google Sheets Connector < 3.19.2 - Admin+ Stored XSS CVE 2025-9543. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2025-68280
Improper Restriction of XML External Entity Reference vulnerability in Apache SIS.
It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the following SIS services:
* Reading of GeoTIFF files having the GEO_METADATA tag defined by the Defense Geospatial Information Working Group (DGIWG).
* Parsing of ISO 19115 metadata in XML format.
* Parsing of Coordinate Reference Systems defined in the GML format.
* Parsing of files in GPS Exchange Format (GPX).
This issue affects Apache SIS from versions 0.4 through 1.5 inclusive. Users are recommended to upgrade to version 1.6, which will fix the issue. In the meantime, the security vulnerability can be avoided by launching Java with the javax.xml.accessExternalDTD system property sets to a comma-separated list of authorized protocols. For example:
java -Djavax.xml.accessExternalDTD="" ...
π@cveNotify
Improper Restriction of XML External Entity Reference vulnerability in Apache SIS.
It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the following SIS services:
* Reading of GeoTIFF files having the GEO_METADATA tag defined by the Defense Geospatial Information Working Group (DGIWG).
* Parsing of ISO 19115 metadata in XML format.
* Parsing of Coordinate Reference Systems defined in the GML format.
* Parsing of files in GPS Exchange Format (GPX).
This issue affects Apache SIS from versions 0.4 through 1.5 inclusive. Users are recommended to upgrade to version 1.6, which will fix the issue. In the meantime, the security vulnerability can be avoided by launching Java with the javax.xml.accessExternalDTD system property sets to a comma-separated list of authorized protocols. For example:
java -Djavax.xml.accessExternalDTD="" ...
π@cveNotify
π¨ CVE-2024-30461
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11.
π@cveNotify
π¨ CVE-2025-65270
Reflected cross-site scripting (XSS) vulnerability in ClinCapture EDC 3.0 and 2.2.3, allowing an unauthenticated remote attacker to execute JavaScript code in the context of the victim's browser.
π@cveNotify
Reflected cross-site scripting (XSS) vulnerability in ClinCapture EDC 3.0 and 2.2.3, allowing an unauthenticated remote attacker to execute JavaScript code in the context of the victim's browser.
π@cveNotify
GitHub
GitHub - xh4vm/CVE-2025-65270: Reflected XSS in ClinCapture EDC
Reflected XSS in ClinCapture EDC. Contribute to xh4vm/CVE-2025-65270 development by creating an account on GitHub.
π¨ CVE-2024-35321
MyNET up to v26.08 was discovered to contain a Reflected cross-site scripting (XSS) vulnerability via the msgtipo parameter.
π@cveNotify
MyNET up to v26.08 was discovered to contain a Reflected cross-site scripting (XSS) vulnerability via the msgtipo parameter.
π@cveNotify
GitHub
Common-Vulnerabilities-and-Exposures-CVE-/MyNet.md at main Β· Manuel-arc/Common-Vulnerabilities-and-Exposures-CVE-
Github repository for discovered CVEs. Contribute to Manuel-arc/Common-Vulnerabilities-and-Exposures-CVE- development by creating an account on GitHub.
π¨ CVE-2025-26787
An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate access to the initial startup of the container sets a property of "allowany" to allow any user with a valid and trusted client auth certificate to connect. Admins can then set more restricted access to specific certificates. A logic error caused this admin CLI command to be run on each restart of the container instead of only the first startup as intended resetting the configuration to "allowany".
π@cveNotify
An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate access to the initial startup of the container sets a property of "allowany" to allow any user with a valid and trusted client auth certificate to connect. Admins can then set more restricted access to specific certificates. A logic error caused this admin CLI command to be run on each restart of the container instead of only the first startup as intended resetting the configuration to "allowany".
π@cveNotify
π¨ CVE-2025-63662
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information.
π@cveNotify
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information.
π@cveNotify
Gist
CVE-2025-63662.txt
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-63663
Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.
π@cveNotify
Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.
π@cveNotify
Gist
CVE-2025-63663.txt
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-63664
Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.
π@cveNotify
Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.
π@cveNotify
Gist
CVE-2025-63664.txt
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2024-6719
The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack
π@cveNotify
The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF attack
π@cveNotify
WPScan
Offload Videos β Bunny.net, AWS S3 <= 1.0.1 Subscriber+ CSRF
See details on Offload Videos β Bunny.net, AWS S3 <= 1.0.1 Subscriber+ CSRF CVE 2024-6719. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2025-4949
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.
π@cveNotify
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.
π@cveNotify
GitLab
CVE for https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281 (#64) Β· Issues Β· Eclipse Projects Security / cveβ¦
The Eclipse Foundation is a Common Vulnerabilities and Exposures (CVE) Numbering Authority. This issue it used to request and track the progress...
π¨ CVE-2025-9900
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
π@cveNotify
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
π@cveNotify
π¨ CVE-2025-63667
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API endpoints without authentication.
π@cveNotify
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API endpoints without authentication.
π@cveNotify
GitHub
GitHub - Remenis/CVE-2025-63667: Vatilon-based IP camera firmwares issue Session-Id tokens without verifying credentials, allowingβ¦
Vatilon-based IP camera firmwares issue Session-Id tokens without verifying credentials, allowing attackers to obtain sessions and retrieve plaintext account credentials via API endpoints. - Remeni...
π¨ CVE-2025-43320
The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26, macOS Sequoia 15.7.3. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
π@cveNotify
The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26, macOS Sequoia 15.7.3. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
π@cveNotify
Apple Support
About the security content of macOS Tahoe 26 - Apple Support
This document describes the security content of macOS Tahoe 26.