EUVD-2025-210068

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...

CVE-2025-41011

CVE-2025-41011 — HTML injection in PHP Point of Sale v19.4 due to insufficient input validation in the /reports/generate/specific_customer endpoint (parameters: start_date_formatted, end_date_formatted). This allows rendering HTML in the victim’s browser. CVSS 4.0: Attack vector NETWORK; attack c...

WordPress plugin Ni WooCommerce Customer Product Report Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2025-1379

A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/CustomerReport.php. The manipulation of the argument city leads to sql injection. The attack can be...

Code-Projects Real Estate Property Management System 跨站脚本漏洞

Code-Projects Real Estate Property Management System is a Code-Projects open source real estate property management system. A cross-site scripting vulnerability exists in Code-Projects Real Estate Property Management System version 1.0, which stems from the parameter Address in the file...

CVE-2024-53095

CVE-2024-53095 – Linux kernel SMB CIFS client UAF Issue: The CIFS/SMB client in the Linux kernel can use-after-free the network namespace (netns) when sockets are freed after the netns lifetime, triggering oopses during reconnect in Kubernetes pods that mount CIFS shares in non-root netns. Root c...

TCP Checksum Interoperability with RFC1624

Customer installed a Repeater 8540 at Data Center and two Branch Repeater 300 appliances at two branch offices for the Proof of Concept POC test. After installation, customers in the branch offices reported that ICA sessions stopped responding from time to time. The session does not respond to...

Authentication login Issues with IOS device - error "CAMAuthManErrorCodeProtocol"

Customer receives an error "CAMAuthManErrorCodeProtocol" when he tried to login to his storefront server from the outside of hsi company...

AppLocker Occasionally Blocking Layered Software

Customer reports that sometimes Office was not running, and it was being blocked by AppLocker...

"Recently updated" plugin can be used to reflect arbitrary static content to browser

This request: noformat /plugins/recently-updated/changes.action?theme=XXXXXXXX noformat results in the response: noformat HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Cache-Control: no-cache, must-revalidate Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Confluence-Request-Time: 1412654577325...

RSS feed over entire site gives information on restricted pages the user should not see

A customer has reported this issue via a comment on the documentation: http://confluence.atlassian.com/display/DOC/Working+with+RSS+Feeds?focusedCommentId=276627497comment-276627497 quote When someone has an RSS feed covering the whole Confluence instance, he is informed about changes in restrict...