1235 matches found
CVE-2025-20002
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002
CVE-2025-20002 affects GMOD Apollo. Root cause is insufficient input validation during file uploads and archive handling, enabling local path information disclosure after uploading files that do not meet prerequisites. Documentation notes path traversal risk when updating user data and during arc...
CVE-2025-24924 GMOD Apollo Missing Authentication for Critical Function
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...
CVE-2025-24924
CVE-2025-24924 concerns GMOD Apollo missing authentication for a critical function. Connected sources describe that GMOD Apollo lacks sufficient authentication when an administrative username is used, enabling privilege escalation. The ICS/NVD references add concrete technical details: (1) the sy...
CVE-2025-24924
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...
Apollo Security Vulnerability
Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from the presence of a path information disclosure issue...
Apollo Security Vulnerability
Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from unchecked path traversal and could lead to a file upload vulnerability...
Apollo Security Vulnerability
Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. A security vulnerability exists in Apollo versions prior to 2.8.0 that stems from insufficient privilege checking and could lead to elevated privileges...
Apollo Access Control Error Vulnerability
Apollo is a genome annotation editor open-sourced by Generic Model Organism Database. An access control error vulnerability exists in Apollo versions prior to 2.8.0 that stems from a lack of authentication and allows bypassing privilege checks...
CVE-2025-23410 GMOD Apollo Relative Path Traversal
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types...
CVE-2025-23410
GMOD Apollo is affected by a relative path traversal vulnerability in the web interface when uploading organism/sequence data. The root cause is that uploaded archives are unzip-inspected but not checked for path traversal in supported archive types, potentially allowing access to restricted path...
CVE-2025-21092 GMOD Apollo Incorrect Privilege Assignment
GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others...
CVE-2025-21092
GMOD Apollo (CVE-2025-21092) contains insufficient logical/access checks when updating a user’s information, enabling potential privilege escalation for attackers. Multiple sources (NVD, Red Hat, Alpine, CVE lists, CNNVD, ICS advisory) describe the issue as an authorization/privilege-assignment f...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems (ICS) advisories on March 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-063-01 Carrier Block Load; ICSA-25-063-02 Keysight Ixia Vision Product Family...
CVE-2024-49589
Foundry Artifacts was found to be vulnerable to a Denial of Service attack due to the disk potentially being filled up based on a user-supplied argument size...
CVE-2024-49589
Foundry Artifacts is affected by a Denial of Service via disk exhaustion caused by a user-supplied size argument. The PT-2025-6701 entry notes the affected versions are not specified and provides no fix information; no exploit details are described in the provided documents. Monitor for updates.
CVE-2024-49589 Foundry artifacts denial of service
Foundry Artifacts was found to be vulnerable to a Denial of Service attack due to the disk potentially being filled up based on a user-supplied argument size...