CVE-2025-59292

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

XML Injection

io.minio:minio is vulnerable to XML Injection. The vulnerability is due to automatic substitution of XML tag values containing system property or environment variable references during processing, which allows an attacker to craft malicious XML input that exposes sensitive information such as...

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

CVE-2025-52625

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

CVE-2025-52625 HCL AION is susceptible to Cacheable SSL Page Found vulnerability

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

CVE-2025-52625

CVE-2025-52625 affects HCL AION 2.0. A vulnerability described as a Cacheable SSL Page Found issue could allow attackers with access to the device or browser to view cached data, exposing credentials, system identifiers, or internal file paths. Root cause specifics, affected components beyond the...

CVE-2025-52625 HCL AION is susceptible to Cacheable SSL Page Found vulnerability

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

EUVD-2025-33697

A vulnerability Cacheable SSL Page Found vulnerability has been identified in HCL AION. Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0...

HCL AION 安全漏洞

HCL AION is an AI lifecycle management platform from HCL India. A security vulnerability exists in HCL AION version 2.0, which stems from a cachable SSL page that could lead to the disclosure of credentials, system identifiers, or internal file paths...

PT-2025-41545

Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description A security issue has been identified in HCL AION where cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser. Recommendations At the...

EUVD-2025-33575

Newforma Info Exchange NIX uses a hard-coded key to encrypt certain query parameters. Some encrypted parameter values can specify paths to download files, potentially bypassing authentication and authorization, for example, the 'qs' parameter used in '/DownloadWeb/download.aspx'. This key is shar...

Directory Traversal

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Directory Traversal via the WriteFile and ReadFile tools. An attacker can gain full control over the server, including executing arbitrary commands, by supplying crafted file paths that allow writing files ...

Newforma Project Center Server 安全漏洞

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A security vulnerability exists in Newforma Project Center Serve...

EUVD-2021-23567

Malware in sbrugna...

EUVD-2009-2325

Malware in sbrugna...

EUVD-2018-17288

Malware in sbrugna...

EUVD-2020-0329

Malware in sbrugna...

CVE-2025-58769

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

EUVD-2022-49458

Malicious code in bioql PyPI...