Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-266: Incorrect Privilege Assignment CVE ID: CVE-2025-50124 2. Vulnerability Description The Data Center Expert...

PT-2025-26655 · Noyafa · Noyafa/Xiami Lf9 Pro

Name of the Vulnerable Software and Affected Versions: NOYAFA/Xiami LF9 Pro up to 20250611 Description: A problematic vulnerability was found in the RTSP Live Video Stream Endpoint component of the NOYAFA/Xiami LF9 Pro device. This issue leads to improper access controls, allowing for unauthorize...

CVE-2025-1688

Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that resets system configuration password after the upgrading from older versions using specific installers. The system configuration password is an additional, optional protection that is enabled on the...

CVE-2025-1688

CVE-2025-1688 affects Milestone XProtect installer behavior where upgrading from older versions using 2024 R1/R2 installers resets the Management Server’s system configuration password. The vulnerability is triggered during upgrade processes and could bypass password protection, potentially impac...

Directory Traversal

Overview xml2rfc is a Xml2rfc generates RFCs and IETF drafts from document source in XML according to the IETF xml2rfc v2 and v3 vocabularies. Affected versions of this package are vulnerable to Directory Traversal through the src attribute in artwork or sourcecode elements due to improper...

CVE-2021-39168

OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. As a workaround revoke the executor role...

WordPress Category Ajax Filter Plugin <= 2.8.2 is vulnerable to Local File Inclusion

Software Category Ajax Filter Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-10871 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 41b4026eef43 Credits Le Ngoc Anh Required privilege...

WordPress Video Lessons Manager Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Video Lessons Manager Type Plugin Vulnerable versions = 1.8.2 Fixed in 1.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11202 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID de6edf652333 Credits Peter...

WordPress CM Table Of Contents – WordPress TOC Plugin Plugin < 1.2.4 is vulnerable to Cross Site Scripting (XSS)

Software CM Table Of Contents – WordPress TOC Plugin Type Plugin Vulnerable versions 1.2.4 Fixed in 1.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5029 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7d80877428bb...

 Intel® Quartus® Prime Pro Edition Design Software Advisory

Summary: A potential security vulnerability in some Intel® Quartus® Prime Pro Edition Design Software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-22184 Description: Uncontrolled search path...

PT-2024-27050 · Undertow · Undertow

Name of the Vulnerable Software and Affected Versions: Undertow affected versions not specified Description: A vulnerability was found in Undertow, which requires the learning-push handler to be enabled in the server's config. By default, this handler is disabled. If enabled and the maxAge config...

WordPress MasterStudy LMS Plugin <= 3.3.3 is vulnerable to Local File Inclusion

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.3.3 Fixed in 3.3.4 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3136 Patch priority High CVSS severity High 9 Developer Claim ownership PSID 0e613f9f337e Credits Hiroho Shimada Required privilege...

PT-2024-19640 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.5 Description: The issue is related to a Cross Site Scripting vulnerability in the num parameter, allowing a remote attacker to run arbitrary code via a crafted URL. Recommendations: For eyoucms version 1.6.5, consider...

PT-2024-10342 · Fortinet · Forticlientems

Name of the Vulnerable Software and Affected Versions: FortiClientEMS versions 7.2.0 through 7.2.4 FortiClientEMS versions prior to 7.0.10 Description: The issue is related to an improper restriction of excessive authentication attempts, which may allow an unauthenticated attacker to perform a...

Withdraw amount returned by getLiquidityAmountsAndPositions may be incorrect

Lines of code Vulnerability details Impact The getLiquidityAmountsAndPositions function in the liquiditylockbox contract is used to calculate the liquidity amounts and positions to be withdrawn for a given total withdrawal amount. It iterates through each deposited position following a FIFO order...

The creator does not receive additional ether - it accumulates on the contract

Lines of code Vulnerability details Impact In some cases, the ERC20TokenEmitter contract may accumulate residual ether that was not sent to the creator. The contract does not have a function to pick up the remaining ether. When a user wants to buy tokens, he sends ether to the...

malicious borrowers can follow reclaimLiquidity() then execute addPremium() to invalidate renewalCutoffTime

Lines of code Vulnerability details Vulnerability details LP can set renewalCutoffTime=block.timestamp by executing reclaimLiquidity, to force close position function liquidatePosition DataStruct.ClosePositionParams calldata params, address borrower external override nonReentrant ... if...

borrower can prevent liquidity provider from withdrawing their liquidity

Lines of code Vulnerability details Description When a liquidity provider wants to withdraw their liquidity they can call ParticlePositionManager::reclaimLiquidity. This will prevent any renewals: ParticlePositionManager::addPremium: File: protocol/ParticlePositionManager.sol 508: // check LP...

Potential Gas Inefficiency due to Unnecessary abi.encode Usage

Lines of code Vulnerability details Impact The function unnecessarily uses abi.encode to convert a uint256 to bytes32, incurring additional gas costs. This doesn't affect correctness but may lead to suboptimal gas usage. Proof of Concept By modifying the fetchInteractionId function to directly ca...

PT-2025-13307 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a potential vm use-after-free in the Linux kernel, specifically in the drm/i915 component. This occurs when the vm is added to the vm xa table, making it visible to...