6654 matches found
CVE-2025-24316
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...
CVE-2025-24316 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Exposure of Sensitive Information Due to Incompatible Policies
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...
CVE-2025-24316
CVE-2025-24316 affects the Dario Health Internet-based server infrastructure. The issue is exposure of development environment details, leading to unsafe functionality as described in the CVE entry and corroborated by multiple sources (NVD, Red Hat, CIRCL, PT Security, and CISA ICS advisory). CVS...
CVE-2022-25773
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
Dario Health Security Vulnerability
Dario Health is a software from Dario Health that provides digital health solutions for patients with chronic conditions. Dario Health has a security vulnerability that stems from the exposure of development environment details that could lead to unsafe functionality...
PT-2025-9062 · Apache · Apache Inlong
Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.13.0 through 2.1.0 Description: The issue concerns a deserialization of untrusted data, allowing for an arbitrary file read vulnerability. This can be exploited by bypassing security measures through double writing of...
PT-2025-9117 · Unknown · Dario Health
Name of the Vulnerable Software and Affected Versions: Dario Health affected versions not specified Description: The issue concerns the exposure of development environment details in the Dario Health Internet-based server infrastructure, potentially leading to unsafe functionality. Recommendation...
PT-2025-9200 · Ntpd-Rs · Ntpd-Rs
Name of the Vulnerable Software and Affected Versions: ntpd-rs versions prior to 1.5.0 Description: Two denial of service issues were found in the handling of NTS cookies in the client functionality. These issues can cause ntpd-rs to crash when an NTS source is configured and the server sends...
CVE-2024-5174
A flaw in Gliffy results in broken authentication through the reset functionality of the application...
CVE-2022-25773 Relative Path Traversal in assets file upload
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
CVE-2022-25773
CVE-2022-25773 describes a file placement/path traversal vulnerability in Mautic’s asset upload, due to improper pathname restriction that allows uploading assets to directories outside the intended temp dir. Connected sources confirm affected component paths (mautic/core-lib) and versions before...
CVE-2022-49281
CVE-2022-49281 affects Linux kernel CIFS multiuser handling: each user has a separate tcon and handle for a cached directory, but on unmount the kernel must release the pinned dentry for every tcon rather than only the master tcon. If not, unmount can emit warnings of in-use dentries. The issue i...
CVE-2022-49127 ref_tracker: implement use-after-free detection
In the Linux kernel, the following vulnerability has been resolved: ref_tracker: implement use-after-free detection. Whenever ref_tracker_dir_init is called, mark the struct ref_tracker_dir as dead. Test the dead status from ref_tracker_alloc and ref_tracker_free. This should detect buggy dev_put/dev_hold...
CVE-2024-5174
CVE-2024-5174 affects Perforce Gliffy and describes a flaw in the reset functionality that results in broken authentication. The available connected data identifies Gliffy as the affected software and the underlying issue as an authentication problem during reset, but does not provide concrete de...
CVE-2024-5174 Broken Authentication in Gliffy
A flaw in Gliffy results in broken authentication through the reset functionality of the application...
CVE-2025-1616
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...
PT-2025-7712 · Gliffy · Gliffy
Name of the Vulnerable Software and Affected Versions: Gliffy affected versions not specified Description: A flaw in the application results in broken authentication through the reset functionality. Recommendations: At the moment, there is no information about a newer version that contains a fix...