Lucene search

13702 matches found

OSV
added 2025/08/22 4:0 p.m. · 3 views

CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic. The decompress_io_ctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing post_read_wq has not bee...

7.8 CVSS · 6.1 AI score · 0.00032 EPSS
Exploits 0 · References 7

CNNVD
added 2025/08/20 12:0 a.m. · 2 views

Open Solution QuickCMS Cross-Site Scripting Vulnerability

Open Solution QuickCMS is an Open Solution open source content management system. A cross-site scripting vulnerability exists in Open Solution QuickCMS version 6.8, which stems from improper neutralization of the sTitle parameter input and could lead to a stored cross-site scripting attack...

4.8 CVSS · 6 AI score · 0.00048 EPSS
Exploits 0 · References 3

CNNVD
added 2025/08/20 12:0 a.m. · 2 views

Open Solution QuickCMS Cross-Site Scripting Vulnerability

Open Solution QuickCMS is an Open Solution open source content management system. A cross-site scripting vulnerability exists in Open Solution QuickCMS version 6.8, which stems from improper neutralization of the sFileName parameter input and could lead to a reflective cross-site scripting attack...

6.1 CVSS · 6.1 AI score · 0.00075 EPSS
Exploits 0 · References 3

Packet Storm News
added 2025/08/17 12:0 a.m. · 1 views

ChamaleoNet: Programmable Passive Probe for Enhanced Visibility on Erroneous Traffic

Traffic visibility remains a key component for management and security operations. Observing unsolicited and erroneous traffic, such as unanswered traffic or errors, is fundamental to detect misconfiguration, temporary failures or attacks. ChamaleoNet transforms any production network into a...

6.9 AI score
Exploits 0

RedhatCVE
added 2025/08/14 7:29 p.m. · 1 views

CVE-2024-48892

A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...

6.8 CVSS · 7 AI score · 0.00344 EPSS
Exploits 0 · References 1

NVD
added 2025/08/14 7:15 p.m. · 3 views

CVE-2025-54715

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager (barcode-scanner-lite-pos-to-manage-products-inventory-and-orders) allows Path Traversal. This issue affects Barcode Scanner wi...

4.9 CVSS · 0.00456 EPSS
Exploits 0 · References 1

OSV
added 2025/08/12 7:15 p.m. · 1 views

CVE-2024-48892

A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...

4.9 CVSS · 5.9 AI score
Exploits 0 · References 1

NVD
added 2025/08/12 7:15 p.m. · 3 views

CVE-2024-48892

A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...

6.8 CVSS · 0.00344 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/08/12 7:0 p.m. · 3 views

CVE-2024-48892

A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...

6.8 CVSS · 6.9 AI score · 0.00344 EPSS
Exploits 0 · References 1

CVE
added 2025/08/12 7:0 p.m. · 13 views

CVE-2024-48892

FortiSOAR (Fortinet) is affected by a relative path traversal (CWE-23) that can allow an authenticated attacker to read arbitrary files by uploading a malicious solution pack. Affected versions include 7.3 all versions, 7.4 all versions, 7.5.0–7.5.1, and 7.6.0. The underlying issue is exposed via...

6.8 CVSS · 6.9 AI score · 0.00344 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2025/08/12 7:0 p.m. · 5 views

CVE-2024-48892

A relative path traversal vulnerability CWE-23 in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack...

6.8 CVSS · 0.00344 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/08/12 12:0 a.m. · 4 views

PT-2025-32872 · Fortinet · Fortisoar

Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 7.3 all versions; FortiSOAR versions 7.4 all versions; FortiSOAR versions 7.5.0 through 7.5.1; FortiSOAR version 7.6.0. Description: A relative path traversal vulnerability may allow an authenticated attacker to read arbitrary...

6.8 CVSS · 7 AI score · 0.00344 EPSS
Exploits 0 · References 4

CNNVD
added 2025/08/11 12:0 a.m. · 1 views

Identifier Withdrawn

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. This CVE number has been withdrawn...

6.8 AI score
Exploits 0 · References 3

Cvelist
added 2025/08/08 6:10 p.m. · 11 views

CVE-2012-10047 Cyclope Employee Surveillance Solution v6.x SQL Injection

Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a...

10 CVSS · 0.71169 EPSS
Exploits 0 · References 5

CNNVD
added 2025/08/08 12:0 a.m. · 1 views

Cyclope Employee Surveillance Solution Security Vulnerability

Cyclope Employee Surveillance Solution is an employee monitoring software from Cyclope, Inc. A security vulnerability exists in Cyclope Employee Surveillance Solution version 6.x, which stems from the username parameter not being cleaned up in the auth-login request, and could lead to SQL injecti...

10 CVSS · 8.5 AI score · 0.71169 EPSS
Exploits 0 · References 6

OpenVAS
added 2025/08/08 12:0 a.m. · 2 views

Fedora: Security Advisory (FEDORA-2025-9e2840094a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 AI score
Exploits 0 · References 3

OpenVAS
added 2025/08/07 12:0 a.m. · 1 views

Fedora: Security Advisory (FEDORA-2025-1ab8c32baf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 AI score
Exploits 0 · References 2

HackRead
added 2025/08/06 12:1 p.m. · 2 views

SpyCloud Enhances Investigations Solution with AI-Powered Insights – Revolutionizing Insider Threat and Cybercrime Analysis

Austin, TX, USA, 6th August 2025, CyberNewsWire...

7.3 AI score
Exploits 0

Rosalinux
added 2025/08/06 8:30 a.m. · 3 views

Advisory ROSA-SA-2025-2949

software: ffmpeg 4.4.6 OS: ROSA-CHROME unaffected versions = ffmpeg-4.4.6-1 affected versions ffmpeg-4.4.6-1 CVE-ID: CVE-2025-1594 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A buffer overflow vulnerability in FFmpeg allows a remote attacker to initiate an attack via the ff_aac_search_for_tns function in...

8.8 CVSS · 6.3 AI score · 0.00118 EPSS
Exploits 1

OpenVAS
added 2025/08/06 12:0 a.m. · 5 views

Google Chrome Security Update (stable-channel-update-for-desktop-2025-08) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; if(description)...

8.8 CVSS · 5.3 AI score · 0.00749 EPSS
Exploits 0 · References 1