CVE-2025-68428 jsPDF has Local File Inclusion/Path Traversal vulnerability

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file...

CVE-2025-15069

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1...

CVE-2025-15070

Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse. This issue affects Web Fax: from 3.0 before 3.0.1...

CVE-2025-15068

Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse, Session Credential Falsification through Manipulation.This issue affects Web Fax: from 3.0 before 3.0.1...

CVE-2025-15070 Data Exposure in Gmission Web FAX

Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse. This issue affects Web Fax: from 3.0 before 3.0.1...

EUVD-2025-205551

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 4.0...

CVE-2025-15069 Privilege Escalation in Gmission Web FAX

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1...

CVE-2025-15069

CVE-2025-15069 — Multiple sources confirm an improper authentication vulnerability in Gmission Web Fax that allows privilege escalation. Affected product: Gmission Web Fax (3.x, with references noting 3.0 and prior to 4.0; some sources list up to 3.9). Root cause: flawed authentication/authorizat...

CVE-2025-40593

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0. The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition...

Design/Logic Flaw

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

IPython Notebook and Jupyter Notebook Cross-Site Scripting Vulnerabilities

IPython is an enhanced version of Python's native interactive shell developed by the IPython team.Notebook is one of the development environments.Jupyter Notebook is one of the suite of web applications for creating and sharing code and illustrative text documents. A cross-site scripting...

CVE-2014-8479

The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated users to cause a denial of service reboot via crafted FTP packets...