Hitachi Energy Relion REB500 Product
SUMMARY Hitachi Energy is aware of vulnerabilities that affect the Relion REB500 product versions listed in this document. Authenticated users with certain roles can exploit the vulnerabilities to access and modify directory contents they are not authorized to access or modify. Please refer to the...
Hitachi Energy FOX61x
SUMMARY Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to...
CVE-2025-38146
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse. An unexpected MPLS packet may not end with the bottom-of-stack label. When there are many stack entries, the label count value wraps around, a dead loop occurs, and a soft lockup/CPU stuck...
Hitachi Energy Relion 670/650 and SAM600-IO Series (Update A)
SUMMARY Hitachi Energy is aware of a vulnerability that affects the Relion 670/650 and SAM600-IO series IED device versions that are listed in this document. An authenticated attacker successfully exploiting this vulnerability via FTP access can cause the device to reboot due to improper disk...
CVE-2025-6087 SSRF vulnerability in opennextjs-cloudflare via /_next/image endpoint
A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package. The vulnerability stems from an unimplemented feature in the Cloudflare adapter for Open Next, which allowed unauthenticated users to proxy arbitrary remote content via the /_next/image endpoint...
GHSA-XWGG-M7FX-83WX Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over t...
PT-2025-25408 · Blink · Bl-X10 Ac8 +7
Name of the Vulnerable Software and Affected Versions: Blink routers BL-WR9000 version 2.4.9 Blink routers BL-AC2100 AZ3 version 1.0.4 Blink routers BL-X10 AC8 version 1.0.5 Blink routers BL-LTE300 version 1.2.3 Blink routers BL-F1200 AT1 version 1.0.0 Blink routers BL-X26 AC8 version 1.2.8 Blink...
CVE-2025-21550
CVE-2025-21550 affects Oracle Financial Services Behavior Detection Platform (Web UI) within Oracle Financial Services Applications. The vulnerable software versions are 8.0.8.1, 8.1.2.7, and 8.1.2.8. The issue allows an unauthenticated attacker with network access via HTTP to compromise the plat...
Hitachi Energy MicroSCADA Pro/X SYS600 (Update A)
SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the MicroSCADA Pro/X SYS600 product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the...
U.S. Dept Of Defense: Attacker can Add itself as admin user and can also change privileges of Existing Users [█████████]
The website had a directory that lacked authentication, allowing an attacker to add a new admin user and change the privileges of existing users without any authentication...
CISA Issues Emergency Directive on Ivanti Vulnerabilities
CISA has issued Emergency Directive ED 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch FCEB...
U.S. Dept Of Defense: XSS Reflected
A reflected XSS vulnerability was discovered in the web asset, allowing an attacker to inject and execute malicious code in a victim's browser...
U.S. Dept Of Defense: XSS via Client Side Template Injection on www.███/News/Speeches
Dear DoD - Team, I am able to execute javascript code on www.███████/News/Speeches. This endpoint has a search functionality with the parameter Search. The supplied value to this parameter gets embedded into the website. Furthermore the frontend of the website is presumably created with a templat...
U.S. Dept Of Defense: stored cross site scripting in https://███
It was observed that the application is vulnerable to cross-site scripting (XSS). XSS is a type of attack that involves running malicious scripts in a victim's browser. PoC attached; another parameter at 1636345 Year Group Military Only. Impact: Cookie Stealing - A malicious user can steal cookies a...
U.S. Dept Of Defense: SSRF ACCESS AWS METADATA - █████
Hi Security Team, Based on the https://hackerone.com/hack-us-h1c challenge, I have an urgent vulnerability and the challenge doesn't accept reports for now (1:56 AM). I have found an SSRF vulnerability which allows access to the AWS metadata, using the parameter ?url= as shown below. An attacker can tunnel into...
U.S. Dept Of Defense: Stored XSS at https://█████
Description: On the registration page https://████ , the first name and last name fields are vulnerable to Stored Cross Site Scripting. Proof of concept: For the fastest test, use these credentials to log in to my test account: email: █████████ password: ██████ After login, alert(document.cookie) will be triggered...
U.S. Dept Of Defense: Broken access control, can lead to legitimate user data loss
Hi team, During testing of the security of ██████████ I found another possible attack vector. There are two reports preceding this one - https://hackerone.com/reports/1489470 and https://hackerone.com/reports/1489744 I will try to explain: When a user needs access to that information system he fills...
U.S. Dept Of Defense: SQL Injection in █████
References: Impact: By using SQL injection, an attacker can exfiltrate the whole database and gain RCE. System Hosts: ████ Affected Products and Versions: ████ CVE Numbers: Steps to Reproduce: POC 1 - curl command injecting query, returning database version: curl https://█████████ -X POST...
Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation
Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache...
U.S. Dept Of Defense: Log4Shell: RCE 0-day exploit on █████████
Hi team, Log4Shell is a recent 0-day exploit; it's a vulnerable Java package. The ██████████ domain is vulnerable. Impact: RCE System Hosts: █████████ Affected Products and Versions: CVE Numbers: CVE-2021-44228 Steps to Reproduce: 1. Go to this url =...