
1233 matches found

Vulnrichment
added 2025/03/05 12:2 a.m., 3 views

CVE-2025-24924 GMOD Apollo Missing Authentication for Critical Function

Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...

CVSS 9.8, AI score 7.5, EPSS 0.00144
Exploits: 0, References: 1

Cvelist
added 2025/03/05 12:2 a.m., 13 views

CVE-2025-24924 GMOD Apollo Missing Authentication for Critical Function

Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...

CVSS 9.8, EPSS 0.00144
Exploits: 0, References: 1

CVE
added 2025/03/05 12:2 a.m., 51 views

CVE-2025-24924

CVE-2025-24924 concerns GMOD Apollo missing authentication for a critical function. Connected sources describe that GMOD Apollo lacks sufficient authentication when an administrative username is used, enabling privilege escalation. The ICS/NVD references add concrete technical details: (1) the sy...

CVSS 9.8, AI score 7.5, EPSS 0.00144
Exploits: 0, References: 1

AlpineLinux
added 2025/03/05 12:2 a.m., 2 views

CVE-2025-24924

Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...

CVSS 9.8, AI score 6.7, EPSS 0.00144
Exploits: 0, References: 1

CNNVD
added 2025/03/05 12:0 a.m., 1 view

Apollo Security Vulnerability

Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from the presence of a path information disclosure issue...

CVSS 6.9, AI score 6, EPSS 0.00239
Exploits: 0, References: 3

CNNVD
added 2025/03/05 12:0 a.m., 1 view

Apollo Security Vulnerability

Apollo is an open source genome annotation editor from the Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from unchecked path traversal and could lead to a file upload vulnerability...

CVSS 9.8, AI score 6.6, EPSS 0.0039
Exploits: 0, References: 2

CNNVD
added 2025/03/05 12:0 a.m., 1 view

Apollo Security Vulnerability

Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from insufficient privilege checking and could lead to elevated privileges...

CVSS 7.1, AI score 6.5, EPSS 0.00182
Exploits: 0, References: 2

CNNVD
added 2025/03/05 12:0 a.m., 3 views

Apollo Access Control Error Vulnerability

Apollo is an open source genome annotation editor from the Generic Model Organism Database. An access control error vulnerability exists in Apollo versions prior to 2.8.0 that stems from a lack of authentication and allows bypassing privilege checks...

CVSS 9.8, AI score 6.7, EPSS 0.00144
Exploits: 0, References: 2

Vulnrichment
added 2025/03/04 11:58 p.m., 6 views

CVE-2025-23410 GMOD Apollo Relative Path Traversal

When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types...

CVSS 9.8, AI score 7.2, EPSS 0.0039
Exploits: 0, References: 1

Cvelist
added 2025/03/04 11:58 p.m., 7 views

CVE-2025-23410 GMOD Apollo Relative Path Traversal

When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types...

CVSS 9.8, EPSS 0.0039
Exploits: 0, References: 1

CVE
added 2025/03/04 11:58 p.m., 46 views

CVE-2025-23410

GMOD Apollo is affected by a relative path traversal vulnerability in the web interface when uploading organism/sequence data. The root cause is that uploaded archives are unzipped and inspected but not checked for path traversal in supported archive types, potentially allowing access to restricted path...

CVSS 9.8, AI score 7.2, EPSS 0.0039
Exploits: 0, References: 1

Cvelist
added 2025/03/04 11:49 p.m., 5 views

CVE-2025-21092 GMOD Apollo Incorrect Privilege Assignment

GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others...

CVSS 7.1, EPSS 0.00182
Exploits: 0, References: 1

Vulnrichment
added 2025/03/04 11:49 p.m., 4 views

CVE-2025-21092 GMOD Apollo Incorrect Privilege Assignment

GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others...

CVSS 7.1, AI score 7.3, EPSS 0.00182
Exploits: 0, References: 1

CVE
added 2025/03/04 11:49 p.m., 43 views

CVE-2025-21092

GMOD Apollo (CVE-2025-21092) contains insufficient logical/access checks when updating a user’s information, enabling potential privilege escalation for attackers. Multiple sources (NVD, Red Hat, Alpine, CVE lists, CNNVD, ICS advisory) describe the issue as an authorization/privilege-assignment f...

CVSS 7.1, AI score 7.3, EPSS 0.00182
Exploits: 0, References: 1

CISA
added 2025/03/04 12:0 p.m., 2 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on March 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-063-01 Carrier Block Load; ICSA-25-063-02 Keysight Ixia Vision Product Family...

AI score 7
Exploits: 0, References: 8

NVD
added 2025/02/18 6:15 p.m., 8 views

CVE-2024-49589

Foundry Artifacts was found to be vulnerable to a Denial of Service attack due to the disk being potentially filled up based on a user-supplied argument size...

CVSS 6.5, EPSS 0.00106
Exploits: 0, References: 1

CVE
added 2025/02/18 5:18 p.m., 46 views

CVE-2024-49589

Foundry Artifacts is affected by a Denial of Service via disk exhaustion caused by a user-supplied size argument. The PT-2025-6701 entry notes the affected versions are not specified and provides no fix information; no exploit details are described in the provided documents. Monitor for updates.

CVSS 6.5, AI score 6.4, EPSS 0.00106
Exploits: 0, References: 1

Vulnrichment
added 2025/02/18 5:18 p.m., 16 views

CVE-2024-49589 Foundry artifacts denial of service

Foundry Artifacts was found to be vulnerable to a Denial of Service attack due to the disk being potentially filled up based on a user-supplied argument size...

CVSS 6.5, AI score 6.4, EPSS 0.00106
Exploits: 0, References: 1

RedhatCVE
added 2025/02/05 2:50 p.m., 3 views

CVE-2020-15170

apollo-adminservice before version 1.7.1 does not implement access controls. If users expose apollo-adminservice to the internet (which is not recommended), there are potential security issues, since apollo-adminservice is designed to work in an intranet and doesn't have access control built in. Maliciou...

CVSS 7, AI score 6.9, EPSS 0.00276
Exploits: 0

RedhatCVE
added 2025/02/05 12:44 p.m., 4 views

CVE-2024-43783

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions =1.21.0 and =1.7.0 and 1.52.1 are impacted by a denial-of-service vulnerability if all of the...

CVSS 7.5, AI score 6.5, EPSS 0.00625
Exploits: 1, References: 1