38 matches found
report-anonymizer
🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...
CVE-2025-61120
AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...
EUVD-2025-37025
AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...
CVE-2025-61120
AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...
IOFIT AG Life Logger Android App 安全漏洞
IOFIT AG Life Logger Android App is a sports app from IOFIT Japan. A security vulnerability exists in IOFIT AG Life Logger Android App v1.0.2.72 and earlier versions, which stems from improper access control and a predictable CAPTCHA, and could lead to account disclosure and misuse of cloud...
PT-2025-44431
Name of the Vulnerable Software and Affected Versions Mobile Scanner version 2.12.38 Description The Mobile Scanner Android App has a flaw where cloud service credentials are not handled securely. This could allow attackers to gain access to these credentials and perform unauthorized actions. The...
CVE-2025-61121
Mobile Scanner Android App version 2.12.38 package name com.glority.everlens, developed by Glority Global Group Ltd., contains a credential leakage vulnerability. Improper handling of cloud service credentials may allow attackers to obtain them and carry out unauthorized actions, such as sensitiv...
CVE-2025-55306
GenXFX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources Google Cloud...
Microsoft WinJS winjsdevelop Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft WinJS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of WinJS. When installed from the official Microsoft NPM repository, th...
Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon AWS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of AWS Simple Storage Service. When installed from the official GitHub...
Axis Communications Autodesk Plugin AxisAddin axisapphelpfiles Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Axis Communications Autodesk Plugin. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a cloud resource. The issue results from allowi...
Amazon AWS aws-glue-with-s2s-vpn Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon AWS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of AWS Glue. When installed from the official GitHub repository, the...
Microsoft Azure Availability Monitor for Kafka esnewdeveastdockerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Availability Monitor for Kafka for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Availability Monitor for Kafka...
Microsoft Technical Case Studies athena-dashboard Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Technical Case Studies. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Technical Case Studies. When installed from the...
Microsoft Azure CollectSFData docs-analytics-eus Uncontrolled Search Path Element Impersonation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CollectSFData for Microsoft Azure. Authentication is not required to exploit this vulnerability. The issue results from a reference to a non-existent cloud resource that is vulnerable to takeover. An...
Microsoft Azure Aztack aztack1528763526 Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Aztack for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Aztack. When installed from the official Microsoft GitHub...
Microsoft Fluid Framework prague Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Fluid Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Fluid Framework. When installed from the official Microsof...
Microsoft Azure DataStoriesSamples machinelearningdatasets Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of DataStoriesSamples for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of DataStoriesSamples. When installed from the...
Microsoft Azure uAMQP azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of uAMQP. When installed from the official Microsoft GitHub repository,...
Microsoft Partner Resources openhacks Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Partner Resources. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Partner Resources. When installed from the official...