
4598 matches found

OSV
added 2025/11/06 11:15 p.m., 2 views

CVE-2025-59171

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...

CVSS 9.8, AI score 6
Exploits: 0, References: 3
RedhatCVE
added 2025/11/05 11:10 p.m., 4 views

CVE-2025-64109

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP (Model Context Protocol) server mechanism by uploading a malicious MCP configuration in the .cursor/mcp.json file in ...

CVSS 8.8, AI score 8.1, EPSS 0.00169
Exploits: 0, References: 1
Vulnrichment
added 2025/11/04 11:09 p.m., 3 views

CVE-2025-64109 Cursor CLI Beta: Command Injection via Untrusted MCP Configuration

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP (Model Context Protocol) server mechanism by uploading a malicious MCP configuration in the .cursor/mcp.json file in ...

CVSS 8.8, AI score 7.8, EPSS 0.00169
Exploits: 0, References: 1
Cvelist
added 2025/11/04 11:09 p.m., 3 views

CVE-2025-64109 Cursor CLI Beta: Command Injection via Untrusted MCP Configuration

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP (Model Context Protocol) server mechanism by uploading a malicious MCP configuration in the .cursor/mcp.json file in ...

CVSS 8.8, EPSS 0.00169
Exploits: 0, References: 1
Cvelist
added 2025/11/04 6:19 p.m., 4 views

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files. This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

EPSS 0.00037
Exploits: 0, References: 1
NVD
added 2025/11/04 5:16 p.m., 2 views

CVE-2025-54863

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...

CVSS 10, EPSS 0.0013
Exploits: 0, References: 2
Vulnrichment
added 2025/11/04 4:13 p.m., 2 views

CVE-2025-54863 Insufficiently Protected Credentials in Radiometrics VizAir

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...

CVSS 10, AI score 6.4, EPSS 0.0013
Exploits: 0, References: 2
Positive Technologies
added 2025/11/04 12:00 a.m., 2 views

PT-2025-45063

Name of the vulnerable software and affected versions: Cursor versions prior to 2025.09.17-25b418f. Description: Cursor is a code editor designed for programming with AI. A flaw in the Cursor CLI Beta could allow a remote attacker to execute code. This is possible through the Model Context Protocol...

CVSS 8.8, AI score 7.4, EPSS 0.00169
Exploits: 0, References: 4
Github Security Blog
added 2025/11/03 9:48 p.m., 11 views

motionEye vulnerable to RCE via unsanitized motion config parameter

Summary: A command injection vulnerability in motionEye allows attackers to achieve remote code execution (RCE) by supplying malicious values in configuration fields exposed via the web UI. Because motionEye writes user-supplied values directly into Motion configuration files without sanitization,...

CVSS 7.2, AI score 8.6, EPSS 0.57917
Exploits: 16, References: 4, Affected software: 1
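An added example of the failure mode the motionEye advisory above describes: a web form value written verbatim into a `key value` configuration file, where a line terminator inside the value becomes a second directive when the daemon re-reads the file. This is not motionEye's code; the directive names, the per-key allow-list and the sample values are constructed for the illustration (on_event_start is a Motion directive that runs a command, used here only to show why a smuggled line matters).

```python
"""'key value' configuration rendering: newline injection and its fix.

Added example modelled on the pattern in the motionEye advisory; it is not
motionEye's code. ALLOWED, the directive names and the sample values are
constructed for illustration.
"""
import re

# Assumed: the directives this form may write, each with a value grammar.
ALLOWED = {
    "width": r"\d{2,4}",
    "height": r"\d{2,4}",
    "framerate": r"\d{1,3}",
    "text_left": r"[A-Za-z0-9 _:.-]{1,64}",
}


class BadSetting(ValueError):
    """Raised when a submitted setting cannot be written safely."""


def render_unsafe(settings: dict) -> str:
    """Vulnerable: each value is interpolated verbatim into its own line, so a
    value containing '\\n' yields an extra directive the author never allowed."""
    return "".join(f"{k} {v}\n" for k, v in settings.items())


def render_safe(settings: dict) -> str:
    """Reject unknown keys, line terminators and values outside the per-key grammar."""
    out = []
    for key, value in settings.items():
        pattern = ALLOWED.get(key)
        if pattern is None:
            raise BadSetting(f"unknown directive {key!r}")
        value = str(value)
        # CR, LF or NUL inside a value is exactly what turns one directive into
        # two; reject rather than strip, so the UI surfaces the attempt instead
        # of silently rewriting the camera label.
        if re.search(r"[\r\n\x00]", value):
            raise BadSetting(f"line terminator in value for {key!r}")
        if not re.fullmatch(pattern, value):
            raise BadSetting(f"value for {key!r} does not match /{pattern}/")
        out.append(f"{key} {value}\n")
    return "".join(out)


def directives(text: str) -> list:
    """Parse the file back the way a 'key value' reader does, to show what the
    daemon would actually see."""
    return [
        line.split(None, 1)[0]
        for line in text.splitlines()
        if line.strip() and not line.lstrip().startswith("#")
    ]


def rejects_settings(settings: dict) -> bool:
    """True if render_safe() refuses the submission."""
    try:
        render_safe(settings)
    except BadSetting:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker value: a camera label that smuggles a second directive.
    hostile = {"text_left": "Front door\non_event_start touch /tmp/pwned"}
    print(directives(render_unsafe(hostile)))
    print("safe renderer rejects it:", rejects_settings(hostile))
```

The per-key grammar matters as much as the newline check: a numeric field that accepts `640; id` is still a problem for whatever later consumes the file, so validation is by what each directive may legitimately contain, not by a list of bad characters.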
RedhatCVE
added 2025/10/31 10:07 p.m., 2 views

CVE-2024-14004

Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling (nagvis.conf). An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...

CVSS 8.8, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 1
NVD
added 2025/10/31 7:15 p.m., 3 views

CVE-2025-64348

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow...

CVSS 7.1, EPSS 0.00136
Exploits: 0, References: 4
Cvelist
added 2025/10/31 6:31 p.m., 5 views

CVE-2025-64348 ELOG configuration file authorization bypass

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow...

CVSS 9.3, EPSS 0.00136
Exploits: 0, References: 4
Positive Technologies
added 2025/10/31 12:00 a.m., 1 view

PT-2025-44665

Name of the vulnerable software and affected versions: ELOG, affected versions not specified. Description: ELOG allows an authenticated user to modify or overwrite the configuration file, potentially leading to a denial of service. If the execute facility is enabled using the '-x' command line flag,...

CVSS 9.3, AI score 6.9, EPSS 0.00136
Exploits: 0, References: 12
CNNVD
added 2025/10/30 12:00 a.m., 2 views

Progress Flowmon security vulnerability

Progress Flowmon is a real-time network traffic monitoring tool from Progress. A security vulnerability exists in versions of Progress Flowmon prior to 12.5.6, stemming from improperly set permissions on the system configuration file, which could allow privilege escalation...

CVSS 6.7, AI score 6.6, EPSS 0.00016
Exploits: 0, References: 1
Vulnrichment
added 2025/10/30 12:00 a.m., 3 views

CVE-2025-61141

sqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environment variable and config file path to sh -c without sanitization, allowing attackers to execute arbitrary commands...

AI score 7.7, EPSS 0.00581
Exploits: 0, References: 3
CNNVD
added 2025/10/30 12:00 a.m., 3 views

sqls security vulnerability

sqls is sqls-server's open-source SQL language server written in Go. A security vulnerability exists in sqls version 0.2.28, stemming from the openEditor function not sanitizing the EDITOR environment variable and the configuration file path, which could lead to a command injection attack...

CVSS 7.5, AI score 7.5, EPSS 0.00581
Exploits: 0, References: 4
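An added example of the pattern behind CVE-2025-61141 and the CNNVD sqls entry above: a tool that opens a configuration file in $EDITOR by concatenating the editor string and the path into one `sh -c` command, beside the argv-based launch that avoids the shell altogether. sqls is written in Go; the pattern is shown here in Python and this is not sqls's code. The EDITOR values and paths are constructed, and the `compare()` helper uses `printf` as a stand-in editor so the difference is visible without opening anything interactive.

```python
"""Launching $EDITOR on a configuration file: 'sh -c' concatenation versus an
argv launch. Added example illustrating the sqls advisory's pattern, not sqls's
code. Sample EDITOR values and paths are constructed.
"""
import os
import shlex
import subprocess
from typing import Optional, Tuple


def editor_argv_unsafe(editor: str, path: str) -> list:
    """Vulnerable pattern: one string handed to the shell, so ';', '|',
    backticks or '$(...)' in either the editor string or the path are parsed
    as shell syntax."""
    return ["sh", "-c", f"{editor} {path}"]


def editor_argv_safe(editor: str, path: str) -> list:
    """Split EDITOR with POSIX quoting rules so values like 'code --wait' keep
    working, then append the path as its own argv element. No shell re-parses
    the result, so metacharacters in the path stay literal."""
    argv = shlex.split(editor)
    if not argv:
        raise ValueError("EDITOR is empty")
    # An absolute path can never begin with '-', so the editor cannot mistake
    # it for an option either.
    return argv + [os.path.abspath(path)]


def open_in_editor(path: str, env: Optional[dict] = None) -> int:
    """Run the user's editor on path without a shell; return its exit status."""
    env = os.environ if env is None else env
    editor = env.get("EDITOR") or env.get("VISUAL") or "vi"
    return subprocess.run(editor_argv_safe(editor, path), check=False).returncode


def compare(path: str) -> Tuple[str, str]:
    """Run both launch styles with printf standing in for the editor and
    return (unsafe_output, safe_output). With a path such as
    '/tmp/c.yml; echo INJECTED' the shell path runs the injected command."""
    fake_editor = "printf '%s\\n'"
    unsafe = subprocess.run(editor_argv_unsafe(fake_editor, path),
                            capture_output=True, text=True, check=False).stdout
    safe = subprocess.run(editor_argv_safe(fake_editor, path),
                          capture_output=True, text=True, check=False).stdout
    return unsafe, safe


if __name__ == "__main__":
    # Constructed hostile path: the ';' is only dangerous once a shell sees it.
    unsafe_out, safe_out = compare("/tmp/c.yml; echo INJECTED")
    print("sh -c  :", unsafe_out.splitlines())
    print("argv   :", safe_out.splitlines())
```

Note that `shlex.split` is applied to EDITOR only, never to the path: the editor string is expected to be something the user wrote as shell words, while the path is data and must reach the editor as exactly one argument.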
Zero Day Initiative
added 2025/10/30 12:00 a.m., 3 views

Alibaba Cloud Workspace Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Alibaba Cloud Workspace Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.3, AI score 7.5
Exploits: 0, References: 1
Snyk
added 2025/10/29 3:31 p.m., 2 views

Cleartext Transmission of Sensitive Information

Overview: org.jenkins-ci.plugins:curseforge-publisher is a plugin that allows users to upload build artifacts to CurseForge as mod releases. Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information through the storage of API keys in unencrypted form within...

CVSS 5.3, AI score 6.8, EPSS 0.0002
Exploits: 0, References: 2
Github Security Blog
added 2025/10/29 3:31 p.m., 4 views

Jenkins Curseforge Publisher Plugin does not mask API Keys displayed on the job configuration form

Jenkins Curseforge Publisher Plugin 1.0 and earlier stores API Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the j...

CVSS 4.3, AI score 6.7, EPSS 0.0002
Exploits: 0, References: 4, Affected software: 1
OSV
added 2025/10/29 3:31 p.m., 3 views

GHSA-2VMR-8C82-X8XQ Jenkins ByteGuard Build Actions Plugin stores API tokens unencrypted in job config.xml files

Jenkins ByteGuard Build Actions Plugin 1.0 and earlier stores API tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally...

CVSS 4.3, AI score 6.8, EPSS 0.0003
Exploits: 0, References: 4