PT-2025-7718 · Workos · Workos Hosted Authkit

Name of the Vulnerable Software and Affected Versions: WorkOS Hosted AuthKit versions prior to 2025-01-07 Description: The issue allows a password authentication MFA bypass by enrolling a new authentication factor when the attacker knows the user's password. No exploitation occurred...

DENX Software Engineering Das U-Boot 安全漏洞

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1 that stems from a memory allocation integer overflow issue...

JFinalOA 安全漏洞

JFinalOA is an enterprise office system based on the JFinal framework developed by rabbit individual developers. A security vulnerability exists in JFinalOA versions prior to v2025.01.01, which stems from the discovery of an SQL injection vulnerability via the component validRoleKey?sysRole.key...

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...

CVE-2024-57767

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery SSRF via the component /file/download...

Mysiteforme 安全漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from the inclusion of a fastjson deserialization vulnerability discovered via the component system/table/addField...