π¨ CVE-2025-57198
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57198 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57199
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57199 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57201
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57201 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-57202
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
π@cveNotify
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
π@cveNotify
GitHub
vulnerability-research/CVE-2025-57202 at main Β· xchg-rax-rax/vulnerability-research
This repository details the CVEs that I have discovered. - xchg-rax-rax/vulnerability-research
π¨ CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
π@cveNotify
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
π@cveNotify
CVE-2025-65841 - Acustica Audio - Account Takeover via Weak Encryption and Insecure Storage in Aquarius Desktop macOS | Simon Bertrand
CVE-2025-65841 - Acustica Audio - Account Takeover via Weak Encryption and Insecure Storage in Aquarius Desktop macOS | 0xAlmighty
π¨ CVE-2025-63401
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives
π@cveNotify
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives
π@cveNotify
π¨ CVE-2025-63402
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
π@cveNotify
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
π@cveNotify
π¨ CVE-2025-29268
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
π@cveNotify
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
π@cveNotify
Medium
Discovery of two Two Critical Vulnerabilities in RUT22GW Industrial LTE Cellular Routers
RUT22GW Industrial LTE Cellular Routers contain critical RCE and backdoor flaws allowing attackers full get remote control.
π¨ CVE-2025-29269
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.
π@cveNotify
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.
π@cveNotify
Medium
Discovery of two Two Critical Vulnerabilities in RUT22GW Industrial LTE Cellular Routers
RUT22GW Industrial LTE Cellular Routers contain critical RCE and backdoor flaws allowing attackers full get remote control.
π¨ CVE-2025-65796
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.
π@cveNotify
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.
π@cveNotify
GitHub
fix(security): Add missing authorization checks to various services by FloDwld Β· Pull Request #5217 Β· usememos/memos
This pull request fixes several security issues exploitable by low-privileged and unauthenticated users by adding missing authorization checks:
IDP service: Restrict deleting and updating IDP prov...
IDP service: Restrict deleting and updating IDP prov...
π¨ CVE-2025-65798
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users.
π@cveNotify
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users.
π@cveNotify
GitHub
fix(security): Add missing authorization checks to various services by FloDwld Β· Pull Request #5217 Β· usememos/memos
This pull request fixes several security issues exploitable by low-privileged and unauthenticated users by adding missing authorization checks:
IDP service: Restrict deleting and updating IDP prov...
IDP service: Restrict deleting and updating IDP prov...
π¨ CVE-2025-65363
Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint.
π@cveNotify
Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint.
π@cveNotify
GitHub
security-advisories/CVE-2025-65363/README.md at main Β· tmogg/security-advisories
Security advisories and CVE disclosures. Contribute to tmogg/security-advisories development by creating an account on GitHub.
π¨ CVE-2025-65795
Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request.
π@cveNotify
Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request.
π@cveNotify
GitHub
fix(security): Add missing authorization checks to various services by FloDwld Β· Pull Request #5217 Β· usememos/memos
This pull request fixes several security issues exploitable by low-privileged and unauthenticated users by adding missing authorization checks:
IDP service: Restrict deleting and updating IDP prov...
IDP service: Restrict deleting and updating IDP prov...
π¨ CVE-2025-65797
Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service (DoS).
π@cveNotify
Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service (DoS).
π@cveNotify
GitHub
fix(security): Add missing authorization checks to various services by FloDwld Β· Pull Request #5217 Β· usememos/memos
This pull request fixes several security issues exploitable by low-privileged and unauthenticated users by adding missing authorization checks:
IDP service: Restrict deleting and updating IDP prov...
IDP service: Restrict deleting and updating IDP prov...
π¨ CVE-2025-65799
A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal.
π@cveNotify
A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal.
π@cveNotify
GitHub
fix(security): Validate attachment filenames by FloDwld Β· Pull Request #5218 Β· usememos/memos
This pull request fixes a path traversal and arbitrary file write vulnerability in the attachment service exploitable by low-privileged users if attachments are stored in the local file system. It ...
π¨ CVE-2025-65530
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file.
π@cveNotify
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file.
π@cveNotify
IMUNIFY 360
Security Advisory: Imunify AI-Bolit Vulnerability
We are issuing this security advisory regarding a vulnerability discovered in the AI-Bolit component of Imunify products.
π¨ CVE-2025-65427
An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations.
π@cveNotify
An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations.
π@cveNotify
GitHub
GitHub - kirubel-cve/CVE-2025-65427: CVE-2025-65427: Missing rate limiting in Dbit N300 T1 Pro router login API allows brute-forceβ¦
CVE-2025-65427: Missing rate limiting in Dbit N300 T1 Pro router login API allows brute-force attacks - kirubel-cve/CVE-2025-65427
π¨ CVE-2025-65568
A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and triggers an index-out-of-range panic. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.
π@cveNotify
A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and triggers an index-out-of-range panic. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.
π@cveNotify
GitHub
[Bug] UPF crash on malformed FAR (emptyIP) in Session Establishment Request Β· Issue #962 Β· omec-project/upf
Describe the bug After association completes, a crafted Session Establishment Request whose CreateFAR contains an empty/truncated IPv4 address field triggers an out-of-bounds read in ip2int (parse_...
π¨ CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file.
π@cveNotify
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file.
π@cveNotify
GitHub
CVE/CVE-2025-67289/README.md at main Β· vuquyen03/CVE
Contribute to vuquyen03/CVE development by creating an account on GitHub.
π¨ CVE-2025-65856
Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.
π@cveNotify
Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access.
π@cveNotify
π¨ CVE-2025-65857
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.
π@cveNotify
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.
π@cveNotify