CyberPanel 访问控制错误漏洞

CyberPanel is a virtual hosting control panel developed by Usman Nasir, which includes DNS and email servers. Versions of CyberPanel prior to 2.4.4 contained an access control vulnerability. This vulnerability stemmed from an authentication bypass in the AI Scanner worker API endpoints, allowing...

AIS-catcher 安全漏洞

AIS-catcher is an AIS receiver from Jasper Personal Developers. A security vulnerability exists in AIS-catcher versions prior to 0.64, which stems from a heap buffer overflow in the AIS::Message class that could lead to arbitrary data writes...

CVE-2025-5296

Schneider Electric SESU (Software Update) contains CWE-59: Improper Link Resolution Before File Access ('Link Following'). A low-privileged attacker who tampers with the installation folder could cause arbitrary data to be written to protected locations, potentially enabling privilege escalation,...

CVE-2025-5296

CWE-59: Improper Link Resolution Before File Access 'Link Following' vulnerability exists that could cause arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent...

External Control of File Name or Path

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to External Control of File Name or Path via the restorerunbackup function. An attacker can write arbitrary data to arbitrary locations on the host server by controlling...