π¨ CVE-2025-56224
A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.
π@cveNotify
A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.
π@cveNotify
GitHub
GitHub - saykino/CVE-2025-56224
Contribute to saykino/CVE-2025-56224 development by creating an account on GitHub.
π¨ CVE-2025-60511
Moodle OpenAI Chat Block plugin 3.0.1 (2025021700) suffers from an Insecure Direct Object Reference (IDOR) vulnerability due to insufficient validation of the blockId parameter in /blocks/openai_chat/api/completion.php. An authenticated student can impersonate another user's block (e.g., administrator) and send queries that are executed with that block's configuration. This can expose administrator-only Source of Truth entries, alter model behavior, and potentially misuse API resources.
π@cveNotify
Moodle OpenAI Chat Block plugin 3.0.1 (2025021700) suffers from an Insecure Direct Object Reference (IDOR) vulnerability due to insufficient validation of the blockId parameter in /blocks/openai_chat/api/completion.php. An authenticated student can impersonate another user's block (e.g., administrator) and send queries that are executed with that block's configuration. This can expose administrator-only Source of Truth entries, alter model behavior, and potentially misuse API resources.
π@cveNotify
GitHub
GitHub - onurcangnc/moodle_block_openai_chat: The completion.php endpoint uses the blockId parameter to determine which chat blockβ¦
The completion.php endpoint uses the blockId parameter to determine which chat block configuration (prompt templates, source of truth entries, model settings) to use when processing OpenAI completi...
π¨ CVE-2025-56447
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
π@cveNotify
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
π@cveNotify
Gist
CVE-2025-56447 Authentication Bypass and Credential Disclosure in TM2 Monitoring v3.04.md
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-60419
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) allowing local authenticated attackers to send a crafted IOCTL request to the driver to cause a denial of service.
π@cveNotify
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348) allowing local authenticated attackers to send a crafted IOCTL request to the driver to cause a denial of service.
π@cveNotify
Cybersecurity Research Blog
CVE-2025-60419: Driver-induced Denial of Service via IOCTL handling
CVE-2025-60419 β a null-pointer dereference DoS in RtkIOAC60.sys triggered by sending an empty IRP buffer to IOCTL_NDISPROT_SET_EVENT, with full PoC.
π¨ CVE-2025-56385
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to authentication bypass, data leakage, or full system compromise of backend database contents.
π@cveNotify
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to authentication bypass, data leakage, or full system compromise of backend database contents.
π@cveNotify
Machevalia
CVE-2025-56385 Wellsky Harmony SQL Injection β Machevalia
Background A SQL injection vulnerability has been identified in WellSky Harmony v4.1.0.2.83 affecting the xmHarmony.asp login endpoint. WellSky Harmony is used for healthcare and related administrative workflows. User-supplied input to a login parameterβ¦
π¨ CVE-2025-63891
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents (including schema and credential hashes) via an unauthenticated HTTP GET request to /obs/database/obs_db.sql.
π@cveNotify
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents (including schema and credential hashes) via an unauthenticated HTTP GET request to /obs/database/obs_db.sql.
π@cveNotify
GitHub
CVEs/CVE-2025-63891.md at main Β· lucascdsm/CVEs
Salve! esse Γ© o repositΓ³rio que vai constar as CVEs que for encontrando durante minha jornada - lucascdsm/CVEs
π¨ CVE-2025-63892
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site scripting.
π@cveNotify
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site scripting.
π@cveNotify
GitHub
security-advisories/CVE-2025-63892.md at main Β· minhajultaivin/security-advisories
XSS vulnerability in SourceCodester Student Grades Management System (CVE-2025-63892) - minhajultaivin/security-advisories
π¨ CVE-2025-25613
FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext using simple base64 encoding during every POST request made to the server.
π@cveNotify
FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext using simple base64 encoding during every POST request made to the server.
π@cveNotify
GitHub
Home
Used to track progress on research with against the S3150-8T2F model of switch from FS.com. - SwiftSecur/S3150-8T2F-FS.com-Research
π¨ CVE-2025-61167
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opac_css/ajax_selector.php component via the id and datas parameters.
π@cveNotify
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opac_css/ajax_selector.php component via the id and datas parameters.
π@cveNotify
forge.sigb.net
Changelog 801 - PMB - PMB Forge
Redmine
π¨ CVE-2025-61168
An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file.
π@cveNotify
An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file.
π@cveNotify
forge.sigb.net
Changelog 801 - PMB - PMB Forge
Redmine
π¨ CVE-2025-50433
An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary user accounts.
π@cveNotify
An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary user accounts.
π@cveNotify
GitHub
CVE-2025-50433/CVE-2025-50433.md at main Β· 0xMandor/CVE-2025-50433
Contribute to 0xMandor/CVE-2025-50433 development by creating an account on GitHub.
π¨ CVE-2025-57200
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57200 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57198
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57198 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57199
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57199 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57201
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57201 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57202
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
π@cveNotify
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57202 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
π@cveNotify
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
π@cveNotify
CVE-2025-65841 - Acustica Audio - Account Takeover via Weak Encryption and Insecure Storage in Aquarius Desktop macOS | Simon Bertrand
CVE-2025-65841 - Acustica Audio - Account Takeover via Weak Encryption and Insecure Storage in Aquarius Desktop macOS | 0xAlmighty
π¨ CVE-2025-63401
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives
π@cveNotify
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives
π@cveNotify
π¨ CVE-2025-63402
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
π@cveNotify
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
π@cveNotify
π¨ CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
π@cveNotify
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
π@cveNotify
Medium
Discovery of two Two Critical Vulnerabilities in RUT22GW Industrial LTE Cellular Routers
RUT22GW Industrial LTE Cellular Routers contain critical RCE and backdoor flaws allowing attackers full get remote control.
π¨ CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.
π@cveNotify
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.
π@cveNotify
Medium
Discovery of two Two Critical Vulnerabilities in RUT22GW Industrial LTE Cellular Routers
RUT22GW Industrial LTE Cellular Routers contain critical RCE and backdoor flaws allowing attackers full get remote control.