1943 matches found
CVE-2025-34332
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts located under C:\F2MAdmin\F2E\AudioCodesfiles\utils\Services. When certain service actions are...
CVE-2025-34334 AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via TestFax.php & LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 are vulnerable to an authenticated command injection in the fax test functionality implemented by AudioCodesfiles/TestFax.php. When a fax "send" test is requested, the application builds a faxsender comman...
CVE-2025-34334 AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via TestFax.php & LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 are vulnerable to an authenticated command injection in the fax test functionality implemented by AudioCodesfiles/TestFax.php. When a fax "send" test is requested, the application builds a faxsender comman...
CVE-2025-34332 AudioCodes Fax/IVR Appliance <= 2.6.23 Insecure Service Control Scripts LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts located under C:\F2MAdmin\F2E\AudioCodesfiles\utils\Services. When certain service actions are...
CVE-2025-34332
CVE-2025-34332 affects AudioCodes Fax Server and Auto-Attendant IVR appliances up to version 2.6.23. A web administration component runs Windows service actions via helper batch scripts in C:\F2MAdmin\F2E\AudioCodes_files\utils\Services. When service actions are requested through ajaxPost.php, PH...
nuclei2xray
Nuclei2Xray A tool written in Go language, used to convert Nu...
AudioCodes Fax Server 安全漏洞
AudioCodes Fax Server is a fax server from AudioCodes Israel. A security vulnerability exists in AudioCodes Fax Server version 2.6.23 and prior versions, which originates from a writable batch script that could lead to local elevation of privilege...
HSEC-2024-0003 process: command injection via argument list on Windows
process: command injection via argument list on Windows The process library on Windows is vulnerable to a command injection vulnerability, via cmd.exe's interpretation of arguments. Programs that invoke batch files .bat, .cmd and pass arguments whose values are affected by program inputs may be...
EUVD-2025-80746
Malicious code in remotebatreplicateautomation npm...
This Week in Spring - November 10th, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this I am preparing for a flight to North Carolina first in flight!. This week's going to be busy, but next week even busier still! I'll be at AI By The Bay in San Francisco, AI Native Dev Con in NYC, and QCon SF i...
Exploit for Exposure of Resource to Wrong Sphere in Apache Http_Server
HTTP Request Smuggling Detection Tool This repository contain...
Incorrect Authorization
Liferay Portal is vulnerable to Incorrect Authorization. The vulnerability is due to the Batch Engine failing to properly enforce permission checks for import and export tasks, which allows remote authenticated users to access exported data through the REST APIs...
Exploit for HTTP Request Smuggling in Sap Content_Server
CVE-2022-22536 Batch Scanner This is a fast, socket-level bat...
Apache Airflow 安全漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform with the creation, management and monitoring of workflow functions. The platform is scalable and dynamic monitoring and other features. A security bypass vulnerability exists in Apache Airflow, which is...
Siemens SIMATIC and SCALANCE Devices Improper Input Validation (CVE-2023-32233)
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. This plug...
filemap: Handle sibling entries in filemap_get_read_batch()
...
Exploit for Missing Authentication for Critical Function in Langflow
CVE-2025-3248 Langflow RCE Scanner A Python tool designed to...
EUVD-2022-55664
In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucvtx With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid...
RUSTSEC-2025-0126 Heap-buffer-overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
PoTS: Proof-Of-Training-Steps for Backdoor Detection in Large Language Models
As Large Language Models LLMs gain traction across critical domains, ensuring secure and trustworthy training processes has become a major concern. Backdoor attacks, where malicious actors inject hidden triggers into training data, are particularly insidious and difficult to detect. Existing...