Adlisting Classified Ads 2.14.0 - Information Disclosure

Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects. id: CVE-2023-4168 info: name: Adlisting Classified Ads 2.14.0 - Information Disclosure autho...

CVE-2025-67035

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys,...

EUVD-2025-208581

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys,...

CVE-2025-67035

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys,...

CVE-2025-67035

CVE-2025-67035 affects Lantronix EDS5000 (2.1.0.0R3). The SSH Client and SSH Server pages are vulnerable due to insufficient sanitization of input parameters, enabling an attacker to inject arbitrary commands in delete actions of objects like server keys, users, and known hosts. Commands are exec...

CVE-2025-67035

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys,...

CVE-2025-67035

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys,...

EUVD-2025-208377

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...

CVE-2025-41765 Unchecked role in wwwupload.cgi

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...

CVE-2025-41765

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...

Element Server Suite 安全漏洞

Element Server Suite is a community edition of the Element open-source server suite. There are security vulnerabilities in Element Server Suite Community Edition ESS Community, which stem from an insecure method for generating Matrix server keys. This could allow network attackers to recreate the...

CVE-2021-47871 Hestia Control Panel 1.3.2 - Arbitrary File Write

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

EUVD-2006-2472

Malware in sbrugna...

Acronis Cyber Protect 加密问题漏洞

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Switzerland. Combining backup, anti-malware, cybersecurity and endpoint management capabilities such as vulnerability assessment, URL filtering, patch management, etc. Acronis Cyber Protect i...

PT-2024-33255 · Berriai · Litellm

Name of the Vulnerable Software and Affected Versions: BerriAI's litellm version latest Description: The issue arises from improper input validation on the "/audio/transcriptions" endpoint, allowing an attacker to send a specially crafted request that includes a file path to the server. This...

Adlisting Classified Ads 2.14.0 Information Disclosure

Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Tested on: Windows 10...

CVE-2023-2632

Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

Jenkins Code Dx Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

SUSE: Security Advisory (SUSE-SU-2021:4147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2730-1] libpam-tacplus security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2730-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 04, 2021 https://wiki.debian.org/LTS -...