1627 matches found
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the mishandling of symlink destinations while evaluating template repos. An attacker can write to unintended files and potentially gain shell access on the server by creating out-of-repository...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the mishandling of symlink destinations while evaluating template repos. An attacker can write to unintended files and potentially gain shell access on the server by creating out-of-repository...
CVE-2025-68937
Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...
CVE-2025-68937
Forgejo versions before 13.0.2 are affected by a vulnerability in handling of out-of-repository symlink destinations for template repositories, allowing writing to unintended files and potentially gaining server shell access. The issue is fixed in 13.0.2 and also in the 11 LTS line starting with ...
Forgejo -- Symbolic Link (Symlink) Following
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md reports: Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template...
PT-2025-53358
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
FLIR AX8 Thermal Camera 安全漏洞
FLIR AX8 Thermal Camera is a monitoring thermal imaging sensor from FLIR, Inc. A security vulnerability exists in the FLIR AX8 Thermal Camera version 1.32.16, which stems from the presence of hard-coded SSH and web panel credentials that could lead to unauthorized access...
CVE-2025-66173
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...
PT-2025-53429
Name of the Vulnerable Software and Affected Versions Forgejo versions prior to 13.0.2 Forgejo version 11.0.7 and later Description The software contains a flaw related to the handling of symlinks within template repositories. This mishandling could allow attackers to write to unintended files,...
CVE-2024-58300
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
EUVD-2024-55337
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to...
CVE-2024-58294 FreePBX 16 Authenticated Remote Code Execution via API Module
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to...
FreePBX 操作系统命令注入漏洞
FreePBX formerly known as Asterisk Management Portal is a suite of tools for configuring Asterisk an IP telephony system via a GUI web-based graphical interface from the FreePBX project. An operating system command injection vulnerability exists in FreePBX version 16, which stems from remote code...
Siklu MultiHaul TG Series 访问控制错误漏洞
The Siklu MultiHaul TG Series is a series of wireless transmission devices from Siklu designed to provide a reliable high-speed data transmission solution specifically suited for fixed wireless access and connectivity needs in dense urban environments. An Access Control Error vulnerability exists...
PT-2025-50748
Name of the Vulnerable Software and Affected Versions FreePBX version 16 Description FreePBX version 16 contains an authenticated remote code execution issue in the API module. An attacker with valid session credentials can execute arbitrary commands. The issue is exploitable through the...
CVE-2024-58282 Serendipity 2.5.0 Remote Code Execution via Authenticated Media Upload
Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables...
📄 Zimbra Collaboration Suite Postjournal 10.1.0 Remote Code Execution
Proof of concept for a critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. Version 10.1.0 is affected...
Vegeta_Vuln_lab
VegetaVulnlab Overview This lab focuses on core penetrati...
UBUNTU-CVE-2025-2486
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...
CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...