🚨 CVE-2023-33943
Cross-site scripting (XSS) vulnerability in the Account module in Liferay Portal 7.4.3.21 through 7.4.3.62, and Liferay DXP 7.4 update 21 through 62 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user's (1) First Name, (2) Middle Name, (3) Last Name, or (4) Job Title text field.
🎖@cveNotify
Cross-site scripting (XSS) vulnerability in the Account module in Liferay Portal 7.4.3.21 through 7.4.3.62, and Liferay DXP 7.4 update 21 through 62 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user's (1) First Name, (2) Middle Name, (3) Last Name, or (4) Job Title text field.
🎖@cveNotify
🚨 CVE-2023-33944
Cross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP 7.3 before update 24, and 7.4 before update 69 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a container type layout fragment's `URL` text field.
🎖@cveNotify
Cross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP 7.3 before update 24, and 7.4 before update 69 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a container type layout fragment's `URL` text field.
🎖@cveNotify
🚨 CVE-2023-3426
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations.
🎖@cveNotify
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations.
🎖@cveNotify
🚨 CVE-2024-2433
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images.
This issue affects only the web interface of the management plane; the dataplane is unaffected.
🎖@cveNotify
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images.
This issue affects only the web interface of the management plane; the dataplane is unaffected.
🎖@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the ...
🚨 CVE-2024-24506
Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function.
🎖@cveNotify
Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function.
🎖@cveNotify
🚨 CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary.
🎖@cveNotify
Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary.
🎖@cveNotify
GitHub
GitHub - Alaatk/CVE-2024-27674: Macro Expert <= 4.9.4 - Insecure Permissions Privilege Escalation
Macro Expert <= 4.9.4 - Insecure Permissions Privilege Escalation - Alaatk/CVE-2024-27674
🚨 CVE-2024-3387
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
🎖@cveNotify
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
🎖@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panor...
🚨 CVE-2024-37282
It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.
🎖@cveNotify
It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges.
🎖@cveNotify
Discuss the Elastic Stack
Elastic Cloud Enterprise 3.7.2 Security Update (ESA-2024-18)
ECE Improper Authorization (ESA-2024-18) It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated privileges. Affected…
🚨 CVE-2024-5911
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.
🎖@cveNotify
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.
🎖@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2024-5911 PAN-OS: File Upload Vulnerability in the Panorama Web Interface
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash ...
🚨 CVE-2024-6933
A flaw has been found in LimeSurvey 6.5.14-240624. Affected by this issue is the function actionUpdateSurveyLocaleSettingsGeneralSettings of the file /index.php?r=admin/database/index/updatesurveylocalesettings_generalsettings of the component Survey General Settings Handler. This manipulation of the argument Language causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Upgrading to version 6.6.2+240827 can resolve this issue. Patch name: d656d2c7980b7642560977f4780e64533a68e13d. You should upgrade the affected component.
🎖@cveNotify
A flaw has been found in LimeSurvey 6.5.14-240624. Affected by this issue is the function actionUpdateSurveyLocaleSettingsGeneralSettings of the file /index.php?r=admin/database/index/updatesurveylocalesettings_generalsettings of the component Survey General Settings Handler. This manipulation of the argument Language causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Upgrading to version 6.6.2+240827 can resolve this issue. Patch name: d656d2c7980b7642560977f4780e64533a68e13d. You should upgrade the affected component.
🎖@cveNotify
LimeSurvey | Open Source Survey Tool
Downloads
Test LimeSurvey Cloud Get the most out of LimeSurvey and start using the LimeSurvey Cloud today We take care of the infrastructure and you concentrate on the important things: your surveys. Our highly available premium hosting provides you with LimeSurvey…
🚨 CVE-2024-55929
A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources.
🎖@cveNotify
A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources.
🎖@cveNotify
🚨 CVE-2024-55930
Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files
🎖@cveNotify
Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files
🎖@cveNotify
🚨 CVE-2024-55931
Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised.
The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.
🎖@cveNotify
Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised.
The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.
🎖@cveNotify
🚨 CVE-2025-41375
SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token' parameter in '/index.php' endpoint.
🎖@cveNotify
SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token' parameter in '/index.php' endpoint.
🎖@cveNotify
www.incibe.es
Multiple vulnerabilities in Limesurvey
INCIBE has coordinated the publication of 2 vulnerabilities: 1 of critical severity and 1 of high seve
🚨 CVE-2025-2668
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query that uses ALTER TABLE operations.
🚨 CVE-2025-36001
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® could allow an authenticated user to cause a denial of service using a specially crafted SQL statement…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
🚨 CVE-2025-36009
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an unauthenticated user to cause a denial of service due to excessive use of a global variable.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an unauthenticated user to cause a denial of service due to excessive use of a global variable.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may terminate under certain conditions (CVE-2025…
IBM® Db2® is vulnerable to a denial of service due to excessive use of a global variable.
🚨 CVE-2025-36070
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables…
IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.
🚨 CVE-2025-36098
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® is vulnerable to a denial of service due to improper allocation of resources (CVE-2025-36098)
IBM® Db2® could allow an authenticated user to cause a denial of service due to improper allocation of resources.
🚨 CVE-2025-36123
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources.
🎖@cveNotify
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources.
🎖@cveNotify
Ibm
Security Bulletin: IBM® Db2® is vulnerable to a denial of service when copying large tables containing XML data (CVE-2025-36123)
IBM® Db2® could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources.
🚨 CVE-2025-56005
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk.
🎖@cveNotify
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk.
🎖@cveNotify
GitHub
GitHub - bohmiiidd/Undocumented-RCE-in-PLY: Undocumented RCE in PLY via `picklefile` Parameter
Undocumented RCE in PLY via `picklefile` Parameter - bohmiiidd/Undocumented-RCE-in-PLY