π¨ CVE-2025-1271
Reflected Cross-Site Scripting (XSS) in Anapi Group's h6web. This security flaw could allow an attacker to inject malicious JavaScript code into a URL. When a user accesses that URL, the injected code is executed in their browser, which can result in the theft of sensitive information, identity theft or the execution of unauthorised actions on behalf of the affected user.
π@cveNotify
Reflected Cross-Site Scripting (XSS) in Anapi Group's h6web. This security flaw could allow an attacker to inject malicious JavaScript code into a URL. When a user accesses that URL, the injected code is executed in their browser, which can result in the theft of sensitive information, identity theft or the execution of unauthorised actions on behalf of the affected user.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Anapi Group h6web
INCIBE has coordinated the publication of 2 vulnerabilities: one of critical severity and the other of
π¨ CVE-2025-1711
Multiple services of the DUT as well as different scopes of the same service reuse the same credentials.
π@cveNotify
Multiple services of the DUT as well as different scopes of the same service reuse the same credentials.
π@cveNotify
Sick
The SICK Product Security Incident Response Team (SICK PSIRT) | SICK
The SICK PSIRT is the central team of SICK AG which is authorized to respond to reports regarding the cyber security of products, solutions and services as well as provide information.
π¨ CVE-2025-4674
The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via "go get", are not affected.
π@cveNotify
The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via "go get", are not affected.
π@cveNotify
π¨ CVE-2025-47907
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
π@cveNotify
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
π@cveNotify
π¨ CVE-2025-13654
A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read.
π@cveNotify
A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read.
π@cveNotify
GitHub
Release 1.4.6 Β· zevv/duc
new: added LICENCE to 'make release' target
fix: fixed logic error in buffer_get()
cha: updated tests
fix: fixed logic error in buffer_get()
cha: updated tests
π¨ CVE-2025-1270
Insecure direct object reference (IDOR) vulnerability in Anapi Group's h6web, allows an authenticated attacker to access other users' information by making a POST request and modifying the βpkrelatedβ parameter in the β/h6web/ha_datos_hermano.phpβ endpoint to refer to another user. In addition, the first request could also allow the attacker to impersonate other users. As a result, all requests made after exploitation of the IDOR vulnerability will be executed with the privileges of the impersonated user.
π@cveNotify
Insecure direct object reference (IDOR) vulnerability in Anapi Group's h6web, allows an authenticated attacker to access other users' information by making a POST request and modifying the βpkrelatedβ parameter in the β/h6web/ha_datos_hermano.phpβ endpoint to refer to another user. In addition, the first request could also allow the attacker to impersonate other users. As a result, all requests made after exploitation of the IDOR vulnerability will be executed with the privileges of the impersonated user.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Anapi Group h6web
INCIBE has coordinated the publication of 2 vulnerabilities: one of critical severity and the other of
π¨ CVE-2025-1947
A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
report/nxb_2.md at main Β· heiheixz/report
Contribute to heiheixz/report development by creating an account on GitHub.
π¨ CVE-2025-27459
The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered.
π@cveNotify
The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered.
π@cveNotify
Sick
The SICK Product Security Incident Response Team (SICK PSIRT) | SICK
The SICK PSIRT is the central team of SICK AG which is authorized to respond to reports regarding the cyber security of products, solutions and services as well as provide information.
π¨ CVE-2023-45771
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contact Form With Captcha allows Reflected XSS.This issue affects Contact Form With Captcha: from n/a through 1.6.8.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contact Form With Captcha allows Reflected XSS.This issue affects Contact Form With Captcha: from n/a through 1.6.8.
π@cveNotify
π¨ CVE-2025-1946
A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the file /user/exportPDF. The manipulation of the argument id leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
report/nxb_1.md at main Β· heiheixz/report
Contribute to heiheixz/report development by creating an account on GitHub.
π¨ CVE-2025-27925
Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.
π@cveNotify
Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.
π@cveNotify
π¨ CVE-2025-27926
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
π@cveNotify
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
π@cveNotify
π¨ CVE-2025-41077
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. This allows the user's email addresses to be modified and, subsequently, using the password recovery functionality to access the application by impersonating any user, including those with administrative permissions.
π@cveNotify
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. This allows the user's email addresses to be modified and, subsequently, using the password recovery functionality to access the application by impersonating any user, including those with administrative permissions.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Viafirma products
INCIBE has coordinated the publication of two vulnerabilities, both high severity, affecting Documents
π¨ CVE-2025-41078
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents.
π@cveNotify
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Viafirma products
INCIBE has coordinated the publication of two vulnerabilities, both high severity, affecting Documents
π¨ CVE-2025-27796
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.
π@cveNotify
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.
π@cveNotify
π¨ CVE-2025-32460
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.
π@cveNotify
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call.
π@cveNotify
GitLab
ReadJXLImage(): pixel_format.num_channels needs to be 2 for grayscale matte. (8e56520435df) Β· Commits Β· GraphicsMagick / graphicsmagickβ¦
Heptapod FOSS public service
π¨ CVE-2024-56526
An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.
π@cveNotify
An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.
π@cveNotify
π¨ CVE-2025-27795
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.
π@cveNotify
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.
π@cveNotify
π¨ CVE-2025-25748
A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disputed because there is an id_sessione CSRF token.
π@cveNotify
A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disputed because there is an id_sessione CSRF token.
π@cveNotify
π¨ CVE-2025-7808
The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
π@cveNotify
The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
π@cveNotify
WPScan
WP Shopify < 1.5.4 - Reflected XSS
See details on WP Shopify < 1.5.4 - Reflected XSS CVE 2025-7808. View the latest Plugin Vulnerabilities on WPScan.
π¨ CVE-2025-64718
js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).
π@cveNotify
js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).
π@cveNotify
GitHub
fix prototype pollution in merge (<<) Β· nodeca/js-yaml@383665f
JavaScript YAML parser and dumper. Very fast. Contribute to nodeca/js-yaml development by creating an account on GitHub.