HashiCorp Vault Enterprise 安全漏洞

HashiCorp Vault Enterprise is an enterprise information archiving platform from HashiCorp, Inc. in the United States. A security vulnerability exists in HashiCorp Vault Enterprise versions 1.21.0, 1.20.5, 1.19.11, and 1.16.27, which stems from the same or wildcard use of the boundprincipaliam rol...

CVE-2025-41723

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations...

CVE-2025-41723 Sauter: Directory Traversal in importFile SOAP Method

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations...

CVE-2025-41723 Sauter: Directory Traversal in importFile SOAP Method

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations...

CVE-2025-41723

CVE-2025-41723 affects SAUTER products (EY-modulo 5 Building Automation, modulo 6 devices modu680-AS, modu660-AS, modu612-LC, plus related ecos variants) via the importFile SOAP method, which is vulnerable to directory traversal. An unauthenticated remote attacker can bypass path restrictions and...

SAUTER多款产品 安全漏洞

SAUTER EY-modulo 5 Building Automation Station is a complete building management solution from SAUTER.Sauter modu680-AS is a modular automation station cum web server from Sauter, Switzerland. A security vulnerability exists in several SAUTER products. The vulnerability stems from the importFile...

EUVD-2022-54716

In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release method to free dbsdata The struct dbsdata embeds a struct govattrset and the struct govattrset embeds a kobject. Since every kobject must have a release method and we can't use kfree to free...

Path traversal vulnerability via `FileSystemPathPointer.join()` method allows unauthorized file access

Description A critical path traversal vulnerability exists in the FileSystemPathPointer.join method within the nltk library. The vulnerability allows attackers to bypass directory restrictions and access files outside the intended directory structure by using path traversal sequences such as ../ ...

BreakFun: Jailbreaking LLMs Via Schema Exploitation

The proficiency of Large Language Models LLMs in processing structured data and adhering to syntactic rules is a capability that drives their widespread adoption but also makes them paradoxically vulnerable. In this paper, we investigate this vulnerability through BreakFun, a jailbreak methodolog...

Rockwell Automation ArmorStart AOP Denial of Service Vulnerability

Rockwell Automation ArmorStart AOP is a distributed motor controller from Rockwell Automation. The Rockwell Automation ArmorStart AOP suffers from a denial of service vulnerability that originates from entering an invalid value into a COM method, which can be exploited by an attacker to cause a...

EUVD-2025-34608

In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...

org.springframework.security/spring-security-core: Spring Security authorization bypass

The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization...

org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions...

CVE-2025-62366 Mailgen vulnerable to HTML injection and cross-site scripting via plaintext email generation

mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. Mailgen versions through 2.0.30 contain an HTML injection vulnerability in plaintext emails produced by the generatePlaintext method when user‑generated content is supplied. The function attempts t...

CVE-2025-9437

The CVE-2025-9437 entry describes a denial-of-service vulnerability in the Studio 5000 Logix Designer add-on profile (AOP) used with Rockwell Automation’s ArmorStart Classic distributed motor controller. Technical details across connected sources indicate the issue stems from inputting invalid va...

Microsoft Windows NTFS 资源管理错误漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing, and logging capabilities. Microsoft Windows NTFS suffers from a resource management error vulnerability that stems from an attacker's ability to elevate...

Rockwell Automation ArmorStart AOP 安全漏洞

Rockwell Automation ArmorStart AOP is a distributed motor controller from Rockwell Automation. The Rockwell Automation ArmorStart AOP suffers from a denial of service vulnerability that originates from entering an invalid value into a COM method, which can be exploited by an attacker to cause a...

Linux Distros Unpatched Vulnerability : CVE-2022-50521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/x86: mxm-wmi: fix memleak in mxmwmicallmxds|mx The ACPI buffer memory out.pointer returned by wmievaluatemethod is not freed after the call, so it lead...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2230)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : dochangetype: refuse to operate on unmounted/not ours mountsCVE-2025-38498 HID: core: ensure the allocated report buffer can contain the reserved...

GHSA-R7R6-CC7P-4V5M python-ldap has sanitization bypass in ldap.filter.escape_filter_chars

Summary The sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and the non-default escapemode=1 is configured. Details The method ldap.filter.escapefilterchars supports 3...