4 matches found
PT-2025-22376 · Cisco +1 · Cisco Unified Communications/Contact Center Solutions +1
Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications and Contact Center Solutions products (affected versions not specified). Description: A vulnerability in the system could allow an authenticated, local attacker to elevate privileges to root on an affected device. Th...
GHSA-7C5V-895V-W4Q5 jooby-pac4j: deserialization of untrusted data
Impact: Versions after 2.x and before 3.x of io.jooby:jooby-pac4j can cause deserialization of untrusted data. Patches: 2.17.0 (2.x); 3.7.0 (3.x). Workarounds: Not using io.jooby:jooby-pac4j until it gets patches; check what values you put/save on session. References: Version 2.x:...
xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References
Impact: An attacker may be able to exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature...
HP OpenView NNM v6.1 buffer overflow
The problem: HP OpenView NNM v6.1 has a buffer overflow in the suid-root file ecsd located in the /opt/OV/bin/ directory. ecsd is not used in NNM, but is shipped and installed suid-root as default. Details: je@openview uname -a SunOS openview 5.8...