π¨ CVE-2025-63420
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Reports / "Who Created Folder"), enabling persistent HTML execution in admin sessions.
π@cveNotify
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Reports / "Who Created Folder"), enabling persistent HTML execution in admin sessions.
π@cveNotify
Gist
Stored HTMLi on Admin Panel - Reports - "Who Created Folder" due to the lack of sanitizations
Stored HTMLi on Admin Panel - Reports - "Who Created Folder" due to the lack of sanitizations - readme.md
π¨ CVE-2025-46651
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0.0.1.example.com/ or a similarly constructed domain name. This may lead to unauthorized port scanning or access to internal-only services.
π@cveNotify
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0.0.1.example.com/ or a similarly constructed domain name. This may lead to unauthorized port scanning or access to internal-only services.
π@cveNotify
GitHub
tinyfilemanager-security-advisories/CVE-2025-46651.md at main Β· RobertoLuzanilla/tinyfilemanager-security-advisories
Contribute to RobertoLuzanilla/tinyfilemanager-security-advisories development by creating an account on GitHub.
π¨ CVE-2026-1554
XML Injection (aka Blind XPath Injection) vulnerability in Drupal Central Authentication System (CAS) Server allows Privilege Escalation.This issue affects Central Authentication System (CAS) Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2.
π@cveNotify
XML Injection (aka Blind XPath Injection) vulnerability in Drupal Central Authentication System (CAS) Server allows Privilege Escalation.This issue affects Central Authentication System (CAS) Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2.
π@cveNotify
Drupal.org
Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007
This module enables you to turn a Drupal install into the Central Authentication System (CAS). It makes your database the primary location for other systems to use for authentication in a SSO environment. The module doesn't sufficiently sanitize user-suppliedβ¦
π¨ CVE-2023-53605
In the Linux kernel, the following vulnerability has been resolved:
drm: amd: display: Fix memory leakage
This commit fixes memory leakage in dc_construct_ctx() function.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
drm: amd: display: Fix memory leakage
This commit fixes memory leakage in dc_construct_ctx() function.
π@cveNotify
π¨ CVE-2023-53606
In the Linux kernel, the following vulnerability has been resolved:
nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
There are two different flavors of the nfsd4_copy struct. One is
embedded in the compound and is used directly in synchronous copies. The
other is dynamically allocated, refcounted and tracked in the client
struture. For the embedded one, the cleanup just involves releasing any
nfsd_files held on its behalf. For the async one, the cleanup is a bit
more involved, and we need to dequeue it from lists, unhash it, etc.
There is at least one potential refcount leak in this code now. If the
kthread_create call fails, then both the src and dst nfsd_files in the
original nfsd4_copy object are leaked.
The cleanup in this codepath is also sort of weird. In the async copy
case, we'll have up to four nfsd_file references (src and dst for both
flavors of copy structure). They are both put at the end of
nfsd4_do_async_copy, even though the ones held on behalf of the embedded
one outlive that structure.
Change it so that we always clean up the nfsd_file refs held by the
embedded copy structure before nfsd4_copy returns. Rework
cleanup_async_copy to handle both inter and intra copies. Eliminate
nfsd4_cleanup_intra_ssc since it now becomes a no-op.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
There are two different flavors of the nfsd4_copy struct. One is
embedded in the compound and is used directly in synchronous copies. The
other is dynamically allocated, refcounted and tracked in the client
struture. For the embedded one, the cleanup just involves releasing any
nfsd_files held on its behalf. For the async one, the cleanup is a bit
more involved, and we need to dequeue it from lists, unhash it, etc.
There is at least one potential refcount leak in this code now. If the
kthread_create call fails, then both the src and dst nfsd_files in the
original nfsd4_copy object are leaked.
The cleanup in this codepath is also sort of weird. In the async copy
case, we'll have up to four nfsd_file references (src and dst for both
flavors of copy structure). They are both put at the end of
nfsd4_do_async_copy, even though the ones held on behalf of the embedded
one outlive that structure.
Change it so that we always clean up the nfsd_file refs held by the
embedded copy structure before nfsd4_copy returns. Rework
cleanup_async_copy to handle both inter and intra copies. Eliminate
nfsd4_cleanup_intra_ssc since it now becomes a no-op.
π@cveNotify
π¨ CVE-2025-52344
Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject arbitrary JavaScript code on the user's browser via the Group name and Project Description input fields.
π@cveNotify
Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject arbitrary JavaScript code on the user's browser via the Group name and Project Description input fields.
π@cveNotify
Gist
CVE-2025-52344-Explorance-Blue-XSS.md
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-53679
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
π@cveNotify
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1, FortiSandbox Cloud 23 all versions allows a remote privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.
π@cveNotify
FortiGuard Labs
PSIRT | FortiGuard Labs
None
π¨ CVE-2026-24348
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
π@cveNotify
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
π@cveNotify
hub.ntc.swiss
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II - NTCF-2025-145332
π¨ CVE-2026-24831
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
GitHub
Potential Vulnerability in Cloned Code by tabudz Β· Pull Request #248 Β· ixray-team/ixray-1.6-stcop
Summary
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/bn_sqrt.c which was cloned from openssl/openssl but did not receive the security patch applied. The original ...
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/bn_sqrt.c which was cloned from openssl/openssl but did not receive the security patch applied. The original ...
π¨ CVE-2026-24832
Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
GitHub
Potential Vulnerability in Cloned Code by tabudz Β· Pull Request #257 Β· ixray-team/ixray-1.6-stcop
Summary
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/bn_print.c which was cloned from openssl/openssl but did not receive the security patch applied. The original...
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/bn_print.c which was cloned from openssl/openssl but did not receive the security patch applied. The original...
π¨ CVE-2026-24870
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.
π@cveNotify
GitHub
Potential Vulnerability in Cloned Code by tabudz Β· Pull Request #258 Β· ixray-team/ixray-1.6-stcop
Summary
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/dh_check.c which was cloned from openssl/openssl but did not receive the security patch applied. The original...
Our tool detected a potential vulnerability in src/3rd-party/crypto/openssl/src/dh_check.c which was cloned from openssl/openssl but did not receive the security patch applied. The original...
π¨ CVE-2026-1197
A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
MineAdmin Enterprise Backend Management System downloadById Arbitrary File Download Vulnerability VDB-341782 (CVE-2026-1197) Β·β¦
MineAdmin Enterprise Backend Management System downloadById Arbitrary File Download Vulnerability MineAdmin Official Website: https://doc.mineadmin.com/ Asset Discovery Syntax: body="MineAdmin...
π¨ CVE-2025-41024
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.
π@cveNotify
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Poultry Farm Management System
INCIBE has coordinated the publication of 2 medium-severity vulnerability affecting Poultry Farm Manag
π¨ CVE-2025-41025
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
'category' y 'product' parameters in '/farm/sell_product.php'.
π@cveNotify
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
'category' y 'product' parameters in '/farm/sell_product.php'.
π@cveNotify
www.incibe.es
Multiple vulnerabilities in Poultry Farm Management System
INCIBE has coordinated the publication of 2 medium-severity vulnerability affecting Poultry Farm Manag
π¨ CVE-2025-15281
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
π@cveNotify
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
π@cveNotify
π¨ CVE-2025-36063
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.
π@cveNotify
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.
π@cveNotify
Ibm
Security Bulletin: Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX.
Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX. These vulnerabilities are specifically found in the Sterling Connect:Express Adapter for Sterling B2B Integrator. The Web interface is delivered with this product as an additionalβ¦
π¨ CVE-2026-24515
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.
π@cveNotify
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.
π@cveNotify
GitHub
[CVE-2026-24515] lib: Make `XML_ExternalEntityParserCreate` copy unknown encoding handler user data by hartwork Β· Pull Requestβ¦
:herb: Fast streaming XML parser written in C99 with >90% test coverage; moved from SourceForge to GitHub - [CVE-2026-24515] lib: Make `XML_ExternalEntityParserCreate` copy unknown encoding handler user data by hartwork Β· Pull Request #1131 Β· libexpat/libexpat
π¨ CVE-2026-24345
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI
π@cveNotify
Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI
π@cveNotify
hub.ntc.swiss
Cross-Site Request Forgery in Admin UI of EZCast Pro II - NTCF-2025-32832
π¨ CVE-2026-24346
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
π@cveNotify
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
π@cveNotify
hub.ntc.swiss
Use of well-known default credentials in Admin UI of EZCast Pro II - NTCF-2025-13993
π¨ CVE-2026-24347
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory
π@cveNotify
Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory
π@cveNotify
hub.ntc.swiss
Improper input validation in Admin UI of EZCast Pro II - NTCF-2025-32806
π¨ CVE-2025-58340
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_delts write operation, leading to kernel memory exhaustion.
π@cveNotify
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_delts write operation, leading to kernel memory exhaustion.
π@cveNotify
Samsung Semiconductor Global
Product Security Update | Support | Samsung Semiconductor Global
Samsung semiconductor values product security. Check out the latest product security update at Samsung Semiconductor Global.