EulerOS 2.0 SP13 : git (EulerOS-SA-2025-1614)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2025-1614)
The remote host is missing an update for the Huawei EulerOS...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix2. Vulnerability Details: CVEID: CVE-2019-12900. DESCRIPTION: BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CWE: CWE-787: Out-of-bounds Write. CVSS...
Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in OS kernel
Summary: The following CVEs in the OS kernel may affect IBM DataPower Gateway. Vulnerability Details: CVEID: CVE-2023-52458. DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size. Before calling add...
SinoTrack GPS Receiver
RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to access device profiles for which they are not authorized through the common web management interface. Access to the device profile may allow an attacker to perform some remote functions on connected...
Medium: git
Issue Overview: Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed...
Path traversal vulnerability in functional web frameworks (CVE-2024-38819)
Spring Framework is vulnerable to a path traversal issue due to a lack of sufficient sanitization of path sequences processed by the WebMvc.fn or WebFlux.fn functional web frameworks. A remote attacker could submit crafted HTTP requests to an application that serves static resources through the...
Siemens SIMATIC S7-1500 CPU family
SUMMARY: Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP incl. SIPLUS variant. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not...
External Control of File Name or Path
Overview: elmsln/haxcms is a Headless CMS for managing and publishing hybrid static, web component driven sites. Affected versions of this package are vulnerable to External Control of File Name or Path via the location parameter in the saveOutline API endpoint. An attacker can read arbitrary file...
Regular expression Denial of Service - ReDoS
Description: A regular expression denial of service (ReDoS) vulnerability has been identified in the Hugging Face Transformers library's CLVP number normalizer. The vulnerability exists in the normalize_numbers method of the EnglishNormalizer class, which converts numeric strings to their English wor...
[SECURITY] [DLA 4210-1] python-django security update
Debian LTS Advisory DLA-4210-1 | https://www.debian.org/lts/security/ | Chris Lamb | June 09, 2025 | https://wiki.debian.org/LTS ...
Debian dla-4210 : python-django-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4210 advisory. Debian LTS Advisory DLA-4210-1...
CVE-2025-27445
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...
Saffron-1: Towards an Inference Scaling Paradigm for LLM Safety Assurance
Existing safety assurance research has primarily focused on training-phase alignment to instill safe behaviors into LLMs. However, recent studies have exposed these methods' susceptibility to diverse jailbreak attacks. Concurrently, inference scaling has significantly advanced LLM reasoning...
CVE-2025-27445
The CVE-2025-27445 entry concerns RSFirewall for Joomla (RSJoomla) with versions 2.9.7 through 3.1.5. A path traversal flaw arises from insufficient sanitization of user-supplied file path parameters, allowing authenticated users to read arbitrary files outside the Joomla root. The issue is descr...
CVE-2025-27445 Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla
A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters,...
PT-2025-23923 · Joomla · Rsfirewall
Name of the Vulnerable Software and Affected Versions: RSFirewall component versions 2.9.7 through 3.1.5 for Joomla. Description: A path traversal issue allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of...