CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2025-62739

Cross-Site Request Forgery CSRF vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through = 4.80...

CVE-2025-42876

Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud Financials General Ledger, an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could...

Authentication Bypass Using an Alternate Path or Channel

Overview filament/filament is an A collection of full-stack components for accelerated Laravel app development. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel due to the handling of recovery codes for app-based multi-factor...

CVE-2025-67507

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect...

CVE-2025-67507 Filament's multi-factor authentication (app) recovery codes can be used multiple times

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect...

CVE-2025-67507 Filament's multi-factor authentication (app) recovery codes can be used multiple times

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect...

EUVD-2025-202172

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect...

CVE-2025-67507

CVE-2025-67507 affects Filament versions 4.0.0 through 4.3.0. The vulnerability arises in the handling of app-based multi-factor authentication recovery codes, allowing the same recovery code to be reused indefinitely when recovery codes are enabled (email-based MFA is unaffected). Root cause: im...

CVE-2025-67507 Filament's multi-factor authentication (app) recovery codes can be used multiple times

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

PT-2025-50542

Name of the Vulnerable Software and Affected Versions Aqara Camera Hub G3 version 4.1.9 0027 Description The Aqara Camera Hub G3 contains command injection flaws. Successful exploitation allows attackers to execute arbitrary commands with root privileges. This is achieved by providing malicious Q...

CVE-2025-65293

CVE-2025-65293 refers to a command-injection vulnerability in Aqara Camera Hub G3. Affected software is Aqara Camera Hub G3 version 4.1.9_0027. The underlying issue allows an attacker to execute arbitrary root-level commands via malicious QR codes used during device setup and factory reset. Evide...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

EUVD-2025-202021

Cross-Site Request Forgery CSRF vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through = 4.80...

GHSA-PVCV-Q3Q7-266G Filament multi-factor authentication (app) recovery codes can be used multiple times

A flaw in the handling of recovery codes for app-based multi-factor authentication allows the same recovery code to be reused indefinitely. This issue does not affect email-based MFA. It also only applies when recovery codes are enabled. If an attacker gains access to both the user's password and...

Filament multi-factor authentication (app) recovery codes can be used multiple times

A flaw in the handling of recovery codes for app-based multi-factor authentication allows the same recovery code to be reused indefinitely. This issue does not affect email-based MFA. It also only applies when recovery codes are enabled. If an attacker gains access to both the user's password and...

CVE-2025-62739

Cross-Site Request Forgery CSRF vulnerability in SaifuMak Add Custom Codes add-custom-codes allows Cross Site Request Forgery.This issue affects Add Custom Codes: from n/a through = 4.80...