4563 matches found
CVE-2025-27153
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
CVE-2025-49595
n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed...
PT-2025-27832 · N8N · N8N
Name of the Vulnerable Software and Affected Versions: n8n versions prior to 1.99.1. Description: n8n is a workflow automation platform. An authorization issue was found in the "/rest/executions/:id/stop" endpoint, allowing an authenticated user to stop workflow executions they do not own or that...
CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
CVE-2025-27153
CVE-2025-27153 concerns the Escalade GLPI plugin for GLPI. Prior to version 2.9.11, an improper access control vulnerability could allow exposure of data and disrupt workflows. The issue has been patched in version 2.9.11. The published metrics indicate a base CVSS v3.1 score of 6.5 (MEDIUM) with...
CVE-2025-53104
CVE-2025-53104 concerns the gluestack-ui project, where a command injection flaw existed in the discussion-to-slack.yml GitHub Actions workflow. The root cause was untrusted Discussion fields (title/body, etc.) being interpolated directly into shell commands in a run: block, allowing an attacker ...
CVE-2025-53104 gluestack-ui Command Injection Vulnerability via discussion-to-slack GitHub Action Workflow
gluestack-ui is a library of copy-pasteable components & patterns crafted with Tailwind CSS (NativeWind). Prior to commit e6b4271, a command injection vulnerability was discovered in the discussion-to-slack.yml GitHub Actions workflow. Untrusted discussion fields (title, body, etc.) were directly...
PT-2025-27573 · Glpi +1 · Escalade Glpi Plugin +1
Name of the Vulnerable Software and Affected Versions: Escalade GLPI plugin versions prior to 2.9.11. Description: The issue is related to improper access control, which can lead to data exposure and workflow disruptions. Recommendations: For versions prior to 2.9.11, update to version 2.9.11 to...
Skyvern SSTI Remote Code Execution
This module exploits SSTI vulnerability in Skyvern use exploit/linux/http/skyvernssticve202549619 msf exploitskyvernssticve202549619 show targets ...targets... msf exploitskyvernssticve202549619 set TARGET msf exploitskyvernssticve202549619 show options ...show and set options... msf...
CVE-2025-49592 n8n Login Flow has Open Redirect Vulnerability
n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious URLs with a misleading redirect query parameter. This may...
Multiple vulnerabilities in multiple BROTHER products
Overview: Multiple BROTHER products provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. Exposure of sensitive system information to an unauthorized control sphere (CWE-497) - CVE-2024-51977; Use of weak credentials (CWE-1391) - CVE-2024-51978; Stack-based buffer overflow...
How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented...
Secure API-Driven Research Automation to Accelerate Scientific Discovery
The Secure Scientific Service Mesh (S3M) provides API-driven infrastructure to accelerate scientific discovery through automated research workflows. By integrating near real-time streaming capabilities, intelligent workflow orchestration, and fine-grained authorization within a service mesh...
SoK: Automated Vulnerability Repair: Methods, Tools, and Assessments
The increasing complexity of software has led to the steady growth of vulnerabilities. Vulnerability repair investigates how to fix software vulnerabilities. Manual vulnerability repair is labor-intensive and time-consuming because it relies on human experts, highlighting the importance of...
pgai Information Disclosure Vulnerability
pgai is a set of tools open-sourced by Timescale to make it easier to develop RAG, semantic search, and other AI applications using PostgreSQL. An information disclosure vulnerability exists in pgai, which stems from a vulnerability that allows an attacker to steal all secrets in a workflow...
Directory Traversal
Overview: python-a2a is a comprehensive Python library for Google's Agent-to-Agent (A2A) protocol. Affected versions of this package are vulnerable to Directory Traversal via the createworkflow function in the api.py file. An attacker can access or modify files outside the intended directory by...