CVE-2025-24288

The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...

CVE-2025-24288

The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...

CVE-2025-24288

The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...

AZL-70352 CVE-2022-50071 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

CVE-2025-6107

A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function setattr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The complexity of an...

PT-2025-26196 · Versa · Versa Director

Name of the Vulnerable Software and Affected Versions: Versa Director affected versions not specified Description: The Versa Director software exposes several services by default, including ssh and postgres, which can provide an easy foothold for attackers due to default credentials and multiple...

DEBIAN-CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

UBUNTU-CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

CVE-2025-6069 HTMLParser quadratic complexity when processing malformed inputs

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

PSF-2025-10

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

CVE-2025-6139 TOTOLINK T10 shadow.sample hard-coded password

A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network...

CVE-2025-6139

CVE-2025-6139 affects TOTOLINK T10, version 4.1.8cu.5207. A vulnerability in the file /etc/shadow.sample allows use of a hard-coded password due to trust-management weaknesses. Attack requires proximity (local network) with high complexity, and the vulnerability potentially impacts confidentialit...

CVE-2025-6107 comfyanonymous comfyui utils.py set_attr dynamically-determined object attributes

A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function setattr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The complexity of an...

CVE-2025-6107

CVE-2025-6107 affects comfyanonymous comfyui 0.3.40. The vulnerability is in the function set_attr of /comfy/utils.py, enabling manipulation of dynamically-determined object attributes. The issue can be triggered remotely with high attack complexity and no privileges required; PoC exploits have b...

CVE-2025-6107 comfyanonymous comfyui utils.py set_attr dynamically-determined object attributes

A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function setattr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The complexity of an...

CVE-2025-49081

There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse...

CVE-2025-49080

There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence of packets to the server. The attack complexity is low, there are no attack...

CVE-2025-49080

Absolute Secure Access server versions 9.0–13.54 contain a memory management vulnerability that can be exploited remotely to cause a Denial of Service. The issue allows a low-complexity, network-based attack requiring no privileges or user interaction, with high availability impact (no confidenti...