CVE-2025-9020

A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...

CVE-2025-9016

A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...

CVE-2025-9005

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...

CVE-2025-8979

A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function checkfwtype/splitfireware/checkfw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The...

CVE-2025-9020

A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...

CVE-2025-9020

A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...

CVE-2025-9005

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...

CVE-2025-9005

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...

CVE-2025-9005 mtons mblog register information exposure

A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is...

CVE-2025-9000

A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an atta...

CVE-2025-9000

The CVE-2025-9000 flaw resides in Mechrevo Control Center GX V2 (version 5.56.51.48), specifically in the reg File Handler component. It enables an uncontrolled search path due to the manipulation of that component, allowing a local attacker to exploit on the host. Reported impact is high for con...

PT-2025-33449 · Unknown · Mechrevo Control Center Gx V2

Name of the Vulnerable Software and Affected Versions: Mechrevo Control Center GX V2 version 5.56.51.48 Description: A vulnerability was identified that leads to an uncontrolled search path within the Powershell Script Handler component. The vulnerability affects the file C:Program...

CVE-2025-8980 Tenda G1 Firmware Update check_upload_file data authenticity

A vulnerability has been found in Tenda G1 16.01.7.83660. Affected by this issue is the function checkuploadfile of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is...

CVE-2025-8979 Tenda AC15 Firmware Update check_fw data authenticity

A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function checkfwtype/splitfireware/checkfw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The...

CVE-2025-8927

A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...

CVE-2025-8927

Summary (CVE-2025-8927) : A vulnerability exists in mtons mblog up to version 3.5.0 affecting the Verification Code Handler, specifically the file /email/send_code. Malicious manipulation of the email parameter can bypass restrictions on excessive authentication attempts. The issue can be exploit...

CVE-2025-2937 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted markdown payloads to the Wiki feature...

PT-2025-33077 · Mtons · Mtons Mblog

Name of the Vulnerable Software and Affected Versions: mtons mblog versions up to 3.5.0 Description: A flaw exists in mtons mblog up to version 3.5.0 within the Verification Code Handler component, specifically in the /email/send code file. Manipulation of the email argument results in an imprope...

Gitlab -- vulnerabilities

Gitlab reports: Cross-site scripting issue in blob viewer impacts GitLab CE/EE Cross-site scripting issue in labels impacts GitLab CE/EE Cross-site scripting issue in Workitem impacts GitLab CE/EE Improper Handling of Permissions issue in project API impacts GitLab CE/EE Incorrect Privilege...

Security update for python313

This update for python313 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. CVE-2025-4435:...