13 matches found
Cinnamon kotaemon 安全漏洞
Cinnamon kotaemon is a RAG-based open source tool from Cinnamon Open Source. A security vulnerability exists in Cinnamon kotaemon version 0.11.0, which originates from storing plaintext passwords in client-side localStorage...
CVE-2025-56800
Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...
CVE-2025-56800
Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...
CVE-2025-61197
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
CVE-2025-61197
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
CVE-2025-61197
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
CVE-2025-61197
CVE-2025-61197 affects Orban Optimod family (5950, 5950HD, 5750, 5750HD, Trio) with version 1.0.0.33 up to 2.5.26. The root cause is that the application stores user privilege/role information in the client-side browser storage, enabling a remote attacker to escalate privileges. CVSS data in the ...
EUVD-2025-32536
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
CVE-2025-61197
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
GitLab 跨站脚本漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE, where an originated merge...
GHSA-C438-8CVQ-PXXX Apache Tapestry Unsafe Object Storage
Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service resource consumption or execute arbitrary code via crafted serialized data...
Apache Guacamole Information Disclosure Vulnerability
Apache Guacamole is a clientless remote desktop gateway from the American Apache Apache Software Foundation. The product supports protocols such as VNC, RDP and SSH. A security vulnerability exists in Apache Guacamole versions 0.9.4 through 0.9.14, which stems from the program's failure to use th...
[Raft v3.0.1] Response Analysis and Further Testing Tool
Not an inspection proxy RAFT is a testing tool for the identification of vulnerabilities in web applications. RAFT is a suite of tools that utilize common shared elements to make testing and analysis easier. The tool provides visibility in to areas that other tools do not such as various client...