ROS-20260129-73-0051

A vulnerability in the Request Handling component of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the lack of validation of the data or message source. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...

Exploit for Authentication Bypass by Spoofing in Dataease

fofa语法：title="DataEase" poc: "POST /de2api/datasource/validate...

CVE-2025-22623

Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/includes/dst/dst.php...

ROS-20240514-02

A vulnerability in the Apache Maven framework is related to a flaw in the data source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

ROS-20240503-18

A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks A vulnerability in the Apache Maven framework is...

ROS-20240410-17

The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...

AVEVA System Platform 访问控制错误漏洞

AVEVA System Platform is an application from AVEVA UK. A responsive, standards-driven and scalable foundation for regulatory, enterprise SCADA, MES and IIoT applications. AVEVA System Platform is vulnerable to an Access Control Error vulnerability that arises from the software not properly...