Tenda AC6 V5.0 HTTP authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2165 Tenda AC6 V5.0 HTTP authentication bypass vulnerability August 20, 2025 CVE Number CVE-2025-27129 SUMMARY An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP...

PT-2025-14579 · Winrar · Winrar

Name of the Vulnerable Software and Affected Versions: WinRAR versions prior to 7.11 Description: A security issue exists in WinRAR that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file. If a symbolic link specially...

KLA73806 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, perform cross-site scripting attack, execute arbitrary code, cause denial of service, spoof user interface, gain privileges. Below is a complete list of...

SUSE CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

CVE-2022-39205 Access Control Bypass in Onedev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. In versions of Onedev prior to 7.3.0 unauthenticated users can take over a OneDev instance if there is no properly configured reverse proxy. The /git-prereceive-callback endpoint is used by the pre-receive git hook on the...

Apple Mac OS X Security Update (HT213056)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA12374 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, perform cross-site scripting attack, obtain sensitive information, cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete...

BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Mozilla Thunderbird ESR Multiple Vulnerabilities - August12 (Mac OS X)

This host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdesrmultvulnaug12macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities - August12 Mac OS X Authors: Arun Kalla...

Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Windows)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnaug12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - August12 Windows Authors: Arun Kallavi Copyright:...

CVE-2013-0625

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013...

Mozilla Firefox Multiple Vulnerabilities (Aug 2012) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-1326

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and...

openSUSE 10 Security Update : seamonkey (seamonkey-5815)

This update brings the Mozilla SeaMonkey browser to version 1.1.13. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...

Sun Java: Web Start argument injection vulnerability

Background Sun provides implementations of Java Development Kits JDK and Java Runtime Environments JRE. These implementations provide the Java Web Start technology that can be used for easy client-side deployment of Java applications. Description Jouko Pynnonen discovered that Java Web Start...