6724 matches found

Vulnrichment
added 2025/07/10 11:13 p.m. · 4 views

CVE-2025-53397 Advantech iView Cross-site Scripting

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...

CVSS 5.4 · AI score 6.1 · EPSS 0.00194
Exploits 0 · References 2
OSV
added 2025/07/10 3:15 p.m. · 2 views

DEBIAN-CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · AI score 7.7 · EPSS 0.00314
Exploits 0 · References 1
OSV
added 2025/07/10 3:15 p.m. · 5 views

AZL-65079 CVE-2025-27614 affecting package git for versions less than 2.45.4-1

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · AI score 7.3 · EPSS 0.00314
Exploits 0 · References 1
NVD
added 2025/07/10 3:15 p.m. · 4 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · EPSS 0.00314
Exploits 0 · References 3
OSV
added 2025/07/10 3:15 p.m. · 1 views

ALPINE-CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · AI score 6.8 · EPSS 0.00314
Exploits 0 · References 1
Debian CVE
added 2025/07/10 3:02 p.m. · 5 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · AI score 7.7 · EPSS 0.00314
Exploits 0
OSV
added 2025/07/10 3:02 p.m. · 3 views

CVE-2025-27614 Gitk allows arbitrary command execution

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

CVSS 8.6 · AI score 8.8 · EPSS 0.00314
Exploits 0 · References 5
CNNVD
added 2025/07/10 12:00 a.m. · 3 views

Advantech iView Cross-Site Scripting Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

CVSS 5.4 · AI score 5.6 · EPSS 0.00194
Exploits 0 · References 4
OSV
added 2025/07/09 7:25 p.m. · 3 views

CLSA-2025-1752089153 redis: Fix of CVE-2024-31449

CVE-2024-31449: fix stack buffer overflow in bit library triggered by Lua script execution...

CVSS 8.8 · AI score 7 · EPSS 0.04488
Exploits 1 · References 1
Positive Technologies
added 2025/07/09 12:00 a.m. · 3 views

PT-2025-29233 · Mpc10 +6 · Mpc10 +7

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 23.2 through 23.2R2-S4 Juniper Networks Junos OS versions 23.4 through 23.4R2-S5 Juniper Networks Junos OS versions 24.2 through 24.2R2-S1 Juniper Networks Junos OS versions 24.4 through 24.4R1-S3 Juniper...

CVSS 8.5 · AI score 6.5 · EPSS 0.00168
Exploits 0 · References 6
CVE
added 2025/07/08 6:23 p.m. · 420 views

CVE-2025-48384

Git vulnerability CVE-2025-48384 arises from Git’s handling of trailing CR characters in config and submodule paths, which can cause a submodule to checkout to an incorrect location and potentially execute a post-checkout hook if a symlink points to the hooks directory. The issue affects Git and ...

CVSS 8 · AI score 6.4 · EPSS 0.02775
In wild · Exploits 9 · References 5 · Affected Software 1
AlpineLinux
added 2025/07/08 6:23 p.m. · 5 views

CVE-2025-48384

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with ...

CVSS 8 · AI score 7.1 · EPSS 0.02775
Exploits 9
NVD
added 2025/07/08 1:15 a.m. · 8 views

CVE-2025-42985

Due to insufficient sanitization in the SAP BusinessObjects Content Administrator Workbench, attackers could craft malicious URLs and execute scripts in a victim's browser. This could potentially lead to the exposure or modification of web client data, resulting in low impact on confidentiality a...

CVSS 6.1 · EPSS 0.00223
Exploits 0 · References 2
CNNVD
added 2025/07/08 12:00 a.m. · 2 views

SAP Business Warehouse Cross-Site Scripting Vulnerability

SAP Business Warehouse is a key component for executing business processes from SAP, Germany, that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations through automation. A cross-site scripting vulnerability exists...

CVSS 6.1 · AI score 6 · EPSS 0.00217
Exploits 0 · References 3
CNNVD
added 2025/07/08 12:00 a.m. · 3 views

Git Security Vulnerability

Git is a free, open source distributed version control system open-sourced by Git. A security vulnerability exists in Git that stems from improper handling of trailing carriage returns when processing configuration values, which could allow submodules to be incorrectly detected in a hook director...

CVSS 8 · AI score 7.1 · EPSS 0.02775
Exploits 9 · References 4
CNNVD
added 2025/07/08 12:00 a.m. · 1 views

SAP BusinessObjects Content Administrator Workbench Input Validation Error Vulnerability

SAP BusinessObjects Content Administrator workbench is a software used to manage the report distribution function by SAP, Germany. An input validation error vulnerability exists in SAP BusinessObjects Content Administrator Workbench that stems from insufficient cleanup and could lead to the...

CVSS 6.1 · AI score 5.9 · EPSS 0.00223
Exploits 0 · References 3
CNNVD
added 2025/07/08 12:00 a.m. · 2 views

SAP NetWeaver Application Server ABAP Input Validation Error Vulnerability

SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language from SAP, Germany. An input validation error vulnerability exists in SAP NetWeaver Application Server ABAP, which stems from an open redirect that could cause a browser to execut...

CVSS 6.1 · AI score 6.6 · EPSS 0.00203
Exploits 0 · References 3
Cvelist
added 2025/07/07 4:36 p.m. · 6 views

CVE-2025-53526 WeGIA allows Stored XSS attacks in novo_memorando.php

WeGIA is a web manager for charitable institutions. An XSS Injection vulnerability was identified in novo_memorando.php. After the memo was submitted, the vulnerability was confirmed by accessing listarmemorandosantigos.php. Upon loading this page, the injected script was executed in the browser...

CVSS 5.1 · EPSS 0.00238
Exploits 1 · References 2
OSV
added 2025/07/07 4:36 p.m. · 4 views

CVE-2025-53526 WeGIA allows Stored XSS attacks in novo_memorando.php

WeGIA is a web manager for charitable institutions. An XSS Injection vulnerability was identified in novo_memorando.php. After the memo was submitted, the vulnerability was confirmed by accessing listarmemorandosantigos.php. Upon loading this page, the injected script was executed in the browser...

CVSS 5.1 · AI score 6.4 · EPSS 0.00238
Exploits 1 · References 4
NVD
added 2025/07/04 8:15 a.m. · 5 views

CVE-2025-53599

Whale browser for iOS before 3.9.1.4206 allows an attacker to execute malicious scripts in the browser via a crafted javascript scheme...

CVSS 9.8 · EPSS 0.00376
Exploits 0 · References 1