CVE-2025-49741 - No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49741
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52101 - linjiashop
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52101
Partager : LinkedIn / Twitter / Facebook

CVE-2025-45006 - Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-45006
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6600 - An exposure of sensitive information vulnerability was identified in GitHub Enterprise Server that could allow an attacker to disclose the names of private repositories within an organization. This issue could be exploited by leveraging a user-to-server token with no scopes via the Search API endpoint. Successful exploitation required an organization administrator to install a malicious GitHub App in the organization's repositories. This vulnerability impacted only GitHub Enterprise Server version 3.17 and was addressed in version 3.17.2. The vulnerability was reported through the GitHub Bug Bounty program.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6600
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53104 - gluestack-ui is a library of copy-pasteable components & patterns crafted with Tailwind CSS (NativeWind). Prior to commit e6b4271, a command injection vulnerability was discovered in the discussion-to-slack.yml GitHub Actions workflow. Untrusted discussion fields (title, body, etc.) were directly interpolated into shell commands in a run: block. An attacker could craft a malicious GitHub Discussion title or body (e.g., $(curl ...)) to execute arbitrary shell commands on the Actions runner. This issue has been fixed in commit e6b4271 where the discussion-to-slack.yml workflow was removed. Users should remove the discussion-to-slack.yml workflow if using a fork or derivative of this repository.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53104
Partager : LinkedIn / Twitter / Facebook

CVE-2025-48379 - Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-48379
Partager : LinkedIn / Twitter / Facebook

CVE-2025-46259 - Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a before 6.3.7.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-46259
Partager : LinkedIn / Twitter / Facebook

CVE-2025-27153 - Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-27153
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53107 - @cyanheads/git-mcp-server is an MCP server designed to interact with Git repositories. Prior to version 2.1.5, there is a command injection vulnerability caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). An MCP Client can be instructed to execute additional actions for example via indirect prompt injection when asked to read git logs. This issue has been patched in version 2.1.5.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53107
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53103 - JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are published or stored anywhere public, then there is the possibility that a rouge attacker can steal the token and perform elevated actions by impersonating the user or app. This issue as been patched in version 5.13.2.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53103
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53100 - RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is written in a way that is vulnerable to command injection attacks as part of some of its MCP Server tools definition and implementation. This could result in a user initiated remote command injection attack on a running MCP Server. This issue has been patched in version 0.2.2.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53100
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52294 - Insufficient validation of the screen lock mechanism in Trust Wallet v8.45 allows physically proximate attackers to bypass the lock screen and view the wallet balance.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52294
Partager : LinkedIn / Twitter / Facebook

CVE-2025-45083 - Incorrect access control in Ullu (Android version v2.9.929 and IOS version v2.8.0) allows attackers to bypass parental pin feature via unspecified vectors.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-45083
Partager : LinkedIn / Twitter / Facebook

CVE-2025-45081 - Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-45081
Partager : LinkedIn / Twitter / Facebook

CVE-2025-45080 - YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communicatons, possibly allowing attackers to execute a man-in-the-middle attack.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-45080
Partager : LinkedIn / Twitter / Facebook

CVE-2025-37099 - A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-37099
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34081 - The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34081
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34080 - The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34080
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6297 - It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6297
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6963 - A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /myprofile.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6963
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6962 - A vulnerability, which was classified as critical, was found in Campcodes Employee Management System 1.0. This affects an unknown part of the file /myprofileup.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6962
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6961 - A vulnerability, which was classified as critical, has been found in Campcodes Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /mark.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6961
Partager : LinkedIn / Twitter / Facebook

CVE-2025-50641 - Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-50641
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6960 - A vulnerability classified as critical was found in Campcodes Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /empproject.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6960
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6959 - A vulnerability classified as critical has been found in Campcodes Employee Management System 1.0. Affected is an unknown function of the file /eloginwel.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6959
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6958 - A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6958
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6957 - A vulnerability was found in Campcodes Employee Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /process/eprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6957
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53099 - Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth application registered with Sentry can take advantage of a race condition and improper handling of authorization code within Sentry to maintain persistence to a user's account. With a specially timed requests and redirect flows, an attacker could generate multiple authorization codes that could be used to exchange for access and refresh tokens. This was possible even after de-authorizing the particular application. This issue has been patched in version 25.5.0. Self-hosted Sentry users should upgrade to version 25.5.0 or higher. Sentry SaaS users do not need to take any action.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53099
Partager : LinkedIn / Twitter / Facebook

CVE-2025-50405 - Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-50405
Partager : LinkedIn / Twitter / Facebook

CVE-2025-50404 - Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross the boundary and overwrite other fields in the array.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-50404
Partager : LinkedIn / Twitter / Facebook

CVE-2025-37098 - A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-37098
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34066 - An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle (MITM) attacks.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34066
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34065 - An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices' streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34065
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34064 - A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket (onelogin-adc-logs-production) without validating bucket ownership. An attacker who registers this unclaimed bucket can begin receiving log files from other OneLogin tenants. These logs may contain sensitive data such as directory tokens, user metadata, and environment configuration. This enables cross-tenant leakage of secrets, potentially allowing JWT signing key recovery and user impersonation.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34064
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34063 - A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1.5 due to the exposure of a tenant's SSO JWT signing key via the /api/adc/v4/configuration endpoint. An attacker in possession of the signing key can craft valid JWT tokens impersonating arbitrary users within a OneLogin tenant. The tokens allow authentication to the OneLogin SSO portal and all downstream applications federated via SAML or OIDC. This allows full unauthorized access across the victim's SaaS environment.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34063
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34062 - An information disclosure vulnerability exists in OneLogin AD Connector versions prior to 6.1.5 via the /api/adc/v4/configuration endpoint. An attacker with access to a valid directory_token—which may be retrievable from host registry keys or improperly secured logs—can retrieve a plaintext response disclosing sensitive credentials. These may include an API key, AWS IAM access and secret keys, and a base64-encoded JWT signing key used in the tenant's SSO IdP configuration.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34062
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34060 - A PHP objection injection vulnerability exists in the Monero Project's Laravel-based forum software due to unsafe handling of untrusted input in the /get/image/ endpoint. The application passes a user-supplied link parameter directly to file_get_contents() without validation. MIME type checks using PHP's finfo can be bypassed via crafted stream filter chains that prepend spoofed headers, allowing access to internal Laravel configuration files. An attacker can extract the APP_KEY from config/app.php, forge encrypted cookies, and trigger unsafe unserialize() calls, leading to reliable remote code execution.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34060
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34059 - An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject arbitrary SQL statements and potentially disclose sensitive information.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34059
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34058 - Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After authenticating with these credentials, an attacker can exploit an arbitrary file read vulnerability in the /systemLog/downFile.php endpoint via directory traversal in the fileName parameter. This exploit chain can enable unauthorized access to sensitive system files.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34058
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34056 - An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34056
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34055 - An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34055
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34054 - An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34054
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34053 - An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices' streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34053
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34052 - An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and NVRs via Machine.cgi?action=get_capability. Sensitive internal device information such as firmware version, MAC address, and codec support can be accessed without authentication.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34052
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34051 - A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP requests from the DVR to internal or external systems, potentially exposing sensitive data or interacting with internal services.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34051
Partager : LinkedIn / Twitter / Facebook

CVE-2025-34050 - A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of an authenticated user's browser session, allow unauthorized changes to the device configuration without user interaction.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-34050
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6956 - A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6956
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6955 - A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6955
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6954 - A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6954
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6953 - A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6953
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6920 - A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows unauthorized users to access the same inference features available on protected endpoints, potentially exposing sensitive functionality or allowing unintended access to backend resources.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6920
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49029 - Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49029
Partager : LinkedIn / Twitter / Facebook

CVE-2025-45872 - zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-45872
Partager : LinkedIn / Twitter / Facebook

CVE-2025-37097 - A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-37097
Partager : LinkedIn / Twitter / Facebook

CVE-2025-36582 - Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-36582
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6952 - A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6952
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6951 - A vulnerability classified as problematic was found in SAFECAM X300 up to 20250611. This vulnerability affects unknown code of the component FTP Service. The manipulation leads to use of default credentials. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6951
Partager : LinkedIn / Twitter / Facebook

CVE-2025-5314 - The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via the ‘pdf-source' parameter in all versions up to, and including, 2.3.65 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-5314
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49483 - Improper Resource Shutdown or Release vulnerability in ASR180x ?ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49483
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49482 - Improper Resource Shutdown or Release vulnerability in ASR180x ?ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr098.c. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49482
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49481 - Improper Resource Shutdown or Release vulnerability in ASR180x ?ASR190x in router modules allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pbwork-queue.C. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49481
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49480 - Out-of-bounds access in ASR180x ?ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49480
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6224 - Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6224
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49492 - Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun.  This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49492
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49491 - Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux?Kestrel?Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49491
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49488 - Improper Resource Shutdown or Release vulnerability in ASR180x ?ASR190x in router components allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pb.c. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49488
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6756 - The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's UACF7_CUSTOM_FIELDS shortcode in all versions up to, and including, 3.5.21 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6756
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49490 - Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49490
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49489 - Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux?Kestrel?Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49489
Partager : LinkedIn / Twitter / Facebook

CVE-2025-5072 - Resource leak vulnerability in ASR180x?ASR190x in con_mgr allows Resource Leak Exposure.This issue affects Falcon_Linux?Kestrel?Lapwing_Linux: before v1536.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-5072
Partager : LinkedIn / Twitter / Facebook

CVE-2025-41656 - An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-41656
Partager : LinkedIn / Twitter / Facebook

CVE-2025-41648 - An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-41648
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6934 - The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6934
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6081 - Insufficiently Protected Credentials in LDAP in Konica Minolta bizhub 227 Multifunction printers version GCQ-Y3 or earlier allows an attacker can reconfigure the target device to use an external LDAP service controlled by the attacker. If an LDAP password is set on the target device, the attacker can force the target device to authenticate to the attacker controlled LDAP service. This will allow the attacker to capture the plaintext password of the configured LDAP service.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6081
Partager : LinkedIn / Twitter / Facebook

CVE-2025-5967 - A stored cross-site scripting vulnerability in ENS HX 10.0.4 allows a malicious user to inject arbitrary HTML into the ENS HX Malware Scan Name field, resulting in the exposure of sensitive data.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-5967
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6940 - A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6940
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6939 - A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6939
Partager : LinkedIn / Twitter / Facebook

CVE-2024-49365 - tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a malicious JSON-stringifyable message can be made passing on verify(), when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. Buffer.isBuffer check can be bypassed, resulting in strange objects being accepted as a message, and those messages could trick verify() into returning false-positive true values. This issue has been patched in version 1.1.7.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-49365
Partager : LinkedIn / Twitter / Facebook

CVE-2024-49364 - tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a private key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. The Buffer.isBuffer check can be bypassed, resulting in k reuse for different messages, leading to private key extraction over a single invalid message (and a second one for which any message/signature could be taken, e.g. previously known valid one). This issue has been patched in version 1.1.7.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-49364
Partager : LinkedIn / Twitter / Facebook

CVE-2024-46993 - Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents. This issue has been patched in versions 28.3.2, 29.3.3, and 30.0.3. There are no workarounds for this issue.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-46993
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6938 - A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6938
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53096 - Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting (one or multiple clicks) with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. This issue has been patched in version 2025.628.4510.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53096
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53095 - Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since the application does OS command execution by design, this issue can be exploited to abuse the "Command Preparations" feature, enabling an attacker to inject arbitrary commands that will be executed with Administrator privileges when an application is launched. This issue has been patched in version 2025.628.4510.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53095
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53003 - The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts ..etc. This issue has been patched in version 1.8.0. A workaround for this vulnerability involves users forking and building the config api, patching it in their system following commit 92eea4d.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53003
Partager : LinkedIn / Twitter / Facebook

CVE-2024-46992 - Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macOS are not impacted. Specifically this issue can only be exploited if the app is launched from a filesystem the attacker has write access too. i.e. the ability to edit files inside the .app bundle on macOS which these fuses are supposed to protect against. This issue has been patched in versions 30.0.5 and 31.0.0-beta.1. There are no workarounds for this issue.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2024-46992
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6937 - A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6937
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53005 - DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-53005
Partager : LinkedIn / Twitter / Facebook

CVE-2025-36056 - IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-36056
Partager : LinkedIn / Twitter / Facebook

CVE-2025-2141 - IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-2141
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6936 - A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /addpro.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6936
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6935 - A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/payment_add.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6935
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6932 - A vulnerability, which was classified as problematic, was found in D-Link DCS-7517 up to 2.02.0. This affects the function g_F_n_GenPassForQlync of the file /bin/httpd of the component Qlync Password Generation Handler. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-6932
Partager : LinkedIn / Twitter / Facebook

CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-32462
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52997 - File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52997
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52996 - File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions 2.32.0 and prior, the implementation of password protected links is error-prone, resulting in potential unprotected sharing of a file through a direct download link. This link can either be shared unknowingly by a user or discovered from various locations such as the browser history or the log of a proxy server used. At time of publication, no known patched versions are available.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52996
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52995 - File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.10, the implementation of the allowlist is erroneous, allowing a user to execute more shell commands than they are authorized for. The concrete impact of this vulnerability depends on the commands configured, and the binaries installed on the server or in the container image. Due to the missing separation of scopes on the OS-level, this could give an attacker access to all files managed the application, including the File Browser database. This issue has been patched in version 2.33.10.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52995
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52901 - File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to anyone having access to the URLs accessed by the user. This will give an attacker full access to a user's account and, in consequence, to all sensitive files the user has access to. This issue has been patched in version 2.33.9.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52901
Partager : LinkedIn / Twitter / Facebook

CVE-2025-52491 - Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-52491
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49493 - Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-49493
Partager : LinkedIn / Twitter / Facebook

CVE-2025-36593 - Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.
30/06/2025 | https://cve.nohackme.com/index.php?action=detail&id=CVE-2025-36593
Partager : LinkedIn / Twitter / Facebook

Soutenez No Hack Me sur Tipeee

Les annonces ayant été modifiées dernièrement

CVE-2025-6931 - A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generate_pass_from_mac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6931
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6930 - A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/manage-foreigners-ticket.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6930
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6554 - Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6554
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6929 - A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/view-normal-ticket.php. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6929
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53004 - DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's Redshift Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-53004
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49521 - A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-49521
Partager : LinkedIn / Twitter / Facebook

CVE-2025-49520 - A flaw was found in Ansible Automation Platform's EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-49520
Partager : LinkedIn / Twitter / Facebook

CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-32463
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6907 - A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /book_car.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6907
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6906 - A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6906
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6900 - A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6900
Partager : LinkedIn / Twitter / Facebook

CVE-2025-53415 - Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-53415
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6897 - A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6897
Partager : LinkedIn / Twitter / Facebook

CVE-2025-5730 - The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-5730
Partager : LinkedIn / Twitter / Facebook

CVE-2025-3745 - The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-3745
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6887 - A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6887
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6886 - A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6886
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6880 - A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6880
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6879 - A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6879
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6878 - A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6878
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6877 - A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6877
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6876 - A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6876
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6875 - A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6875
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6874 - A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation of the argument user_id/plan_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6874
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6873 - A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6873
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6872 - A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6872
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6871 - A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6871
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6870 - A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6870
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6866 - A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argument filename leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6866
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6865 - A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6865
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6864 - A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6864
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6863 - A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-category-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6863
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6862 - A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6862
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6861 - A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulation of the argument plan_name/description/duration_days/price leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6861
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6860 - A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6860
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6849 - A vulnerability, which was classified as problematic, was found in code-projects Simple Forum 1.0. Affected is an unknown function of the file /forum_edit1.php. The manipulation of the argument text leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6849
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6848 - A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6848
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6847 - A vulnerability classified as critical was found in code-projects Simple Forum 1.0. This vulnerability affects unknown code of the file /forum_edit.php. The manipulation of the argument iii leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6847
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6846 - A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forum_viewfile.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6846
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6845 - A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /register1.php. The manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6845
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6844 - A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signin.php. The manipulation of the argument User leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6844
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6842 - A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit_user.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6842
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6841 - A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6841
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6840 - A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6840
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6837 - A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6837
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6836 - A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6836
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6835 - A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6835
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6834 - A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6834
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6828 - A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6828
Partager : LinkedIn / Twitter / Facebook

CVE-2025-6827 - A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
01/07/2025 | https://nvd.nist.gov/vuln/detail/CVE-2025-6827
Partager : LinkedIn / Twitter / Facebook