CVE-2025-59900 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server
Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...
CVE-2025-59900
CVE-2025-59900 describes a persistent authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. Root cause: insufficient validation of user input in the request path related to server options, specifically in “/server_opti...
EUVD-2023-2349
Malicious code in bioql PyPI...
CVE-2025-23786
creationtimestamp| type| source
---|---|---
2025-02-14 13:17:26+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li5bzirf6m2i
2025-02-14 14:38:48+00:00| seen| https://infosec.exchange/users/cve/statuses/114002750893462072...
CVE-2025-25098
creationtimestamp| type| source
---|---|---
2025-02-07 10:16:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleni5i3q27
2025-02-07 11:30:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113962375305292604...
CVE-2024-13484
creationtimestamp| type| source
---|---|---
2025-01-28 17:58:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113907275874599319
2025-01-28 18:16:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgt2rpizkh2c
2025-01-28 20:49:39+00:00| seen|...
CVE-2025-0473
creationtimestamp| type| source
---|---|---
2025-01-16 13:15:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113838214501625213
2025-01-16 13:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfuegbg3ky2e
2025-01-16 13:55:54+00:00| seen|...
CVE-2024-12566
creationtimestamp| type| source
---|---|---
2025-01-13 06:05:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113819537157281010
2025-01-13 06:06:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1353
2025-01-13 06:10:26+00:00| seen|...
CVE-2025-0392
creationtimestamp| type| source
---|---|---
2025-01-11 11:03:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113809386627182709
2025-01-11 11:03:53+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1293
2025-01-11 11:15:24+00:00| seen|...
CVE-2024-12404
creationtimestamp| type| source
---|---|---
2025-01-11 02:43:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113807419166580049
2025-01-11 03:04:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1264
2025-01-11 03:15:55+00:00| seen|...
CVE-2020-1821
creationtimestamp| type| source
---|---|---
2024-12-27 10:08:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113724234844968119
2024-12-27 10:08:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113724234827594674
2024-12-27 11:48:47+00:00| seen| https://t.me/cvedetector/137...
CVE-2024-55081
creationtimestamp| type| source
---|---|---
2024-12-19 16:21:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113680401219545596
2024-12-19 17:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoer7qtvu22
2024-12-19 19:00:07+00:00| seen|...
CVE-2023-39348 Improper log output when using GitHub Status Notifications in Spinnaker
Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for GitHub status notifications. Given that this would output GitHub tokens to a log...
CVE-2023-39348
CVE-2023-39348 affects Spinnaker and is caused by log output for GitHub status notifications being set to FULL, potentially exposing GitHub tokens in logs. The issue is limited to users of GitHub Status Notifications and could enable token exposure with elevated access to repositories outside of ...
PT-2023-26894 · Spinnaker · Spinnaker
Name of the Vulnerable Software and Affected Versions: Spinnaker affected versions not specified
Description: Spinnaker is an open source, multi-cloud continuous delivery platform. The log output when updating GitHub status is improperly set to FULL always, which could output GitHub tokens to a l...