CVE-2025-59900 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

CVE-2025-59900

CVE-2025-59900 describes a persistent authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. Root cause: insufficient validation of user input in the request path related to server options, specifically in “/server_opti...

EUVD-2024-0353

Malicious code in bioql PyPI...

Bosch Rexroth ctrlX OS 安全漏洞

Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, Germany, designed as an open control platform for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that stems from mishandling of error notification messages, which cou...

Race Condition

Overview parallel-ssh is an Asynchronous parallel SSH library Affected versions of this package are vulnerable to Race Condition in the scpsend function, leading to incomplete file transfers without error notifications. Remediation Upgrade parallel-ssh to version 2.9.1 or higher. References -...

SUSE-SU-2016:2891-1 Security update for sudo

This update for sudo fixes the following issues: - Fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality: noexec bypass via system and popen CVE-2016-7032, bsc1007766 noexec bypass via wordexp CVE-2016-7076, bsc1007501 - The SSSD plugin would occasionally crash...