Exploit for CVE-2025-11203

CVE-2025-11203 – LiteLLM Health Endpoint APIKEY Information D...

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine is an identity services engine developed by Cisco, a US-based company. This platform collects real-time information from networks, users, and devices, and develops and implements policies to manage the network. There is a security vulnerability in Cisco Identity...

Zammad 安全漏洞

Zammad is a ticketing management software developed by the German company Zammad. Versions of Zammad prior to 7.0.1 and 6.5.4 contained security vulnerabilities. These vulnerabilities were due to improper cleaning of data: URI schemes by the HTML cleaner, which could allow the storage of maliciou...

TP-Link TL-MR6400 安全漏洞

The TP-Link TL-MR6400 is a wireless router produced by TP-Link Corporation. The TP-Link TL-MR6400 v5.3 version has a security vulnerability, which stems from insufficient data cleaning in the Telnet CLI. This vulnerability may lead to command injection attacks...

The vulnerability of the DEVICE_PING command in the monitoring and control software for solar energy systems, Tigo Cloud Connect Advanced (CCA), allows a hacker to gain unauthorized access to protected information, execute arbitrary commands, or cause service interruptions.

The vulnerability of the DEVICEPING command in the monitoring and management tool for solar energy systems, Tigo Cloud Connect Advanced CCA, is related to the lack of data cleaning at the control level during the processing of the final endpoint /cgi-bin/mobileapi. Exploiting this vulnerability c...

The vulnerability of the sub_435E04() function in Netgear JWNR2000v2 software allows a hacker to execute arbitrary commands.

The vulnerability of the sub435E04 function in Netgear JWNR2000v2 microprogrammed software lies in the lack of measures taken to clean data at the control level when processing the host parameter. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...

The vulnerability of microprogrammed access point software for small and medium-sized businesses under HPE Networking Instant On, related to the lack of data cleaning measures at the management level, allows attackers to execute arbitrary commands.

The vulnerability of HPE Networking Instant On’s microprogramming software for small and medium-sized businesses is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the apcli_do_enr_pbc_wps function in the Netgear RAX5 router’s built-in software allows a hacker to execute arbitrary commands.

The vulnerability of the apclidoenrpbcwps function in Netgear RAX5 router’s built-in software is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

ROS-20250724-02

A vulnerability in the Cockpit server management system is related to the failure to clean data at the at the management level. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

The vulnerability of the NetMRI network monitoring program, related to the failure to take measures for data cleaning at the management level, allows a perpetrator to execute arbitrary commands.

The vulnerability of the NetMRI network monitoring program lies in the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation

Large Language Models LLMs have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...

The vulnerability of the OCAS Assistant dialog system, related to the failure to take measures for data cleaning at the management level, allows a perpetrator to execute arbitrary commands.

The vulnerability of the OCAS Assistant dialog system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability of the Microsoft Visual Studio software lies in the lack of measures taken to clean data at the management level, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Visual Studio software lies in the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the bs_SetMacBlack() function in the libshare-0.0.26.so library of the LB-LINK router software allows a attacker to execute arbitrary commands.

The vulnerability of the bsSetMacBlack function in the libshare-0.0.26.so library of the LB-LINK router software is related to the lack of data cleaning measures at the control level when processing the mac parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the bs_setCmd() function in the libshare-0.0.26.so library of the LB-LINK microprogramming router software allows a attacker to execute arbitrary commands.

The vulnerability of the bssetCmd function in the libshare-0.0.26.so library of the LB-LINK router software lies in the failure to take data cleaning measures at the control level when processing the cmd parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary comman...

The vulnerability of the sub_F3C8C function in the Tenda CP3 IP camera software allows a intruder to execute arbitrary code.

The vulnerability of the subF3C8C function in the Tenda CP3 IP camera software relates to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to the lack of data cleaning at the management level, allows a perpetrator to disclose protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized system allows a attacker to execute arbitrary code.

The vulnerability of the getServerCertificate method in the HPE StoreOnce VSA storage virtualized environment is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the lack of data cleaning at the management level, allowing attackers to execute arbitrary code.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the lack of measures taken to clean data at the management level. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...