13 matches found
Command Injection
Overview nitsan/ns-backup is an extension for TYPO3 that lets you save your code, files, and database with just a few clicks. Install Backup Plus and connect it to your cloud storage like Google Drive, Dropbox, Amazon S3, SFTP, Rsync, etc.. Affected versions of this package are vulnerable to...
Important: Red Hat Security Advisory: RHODF-4.15-RHEL-9 security update
Updated images are now available for RHODF-4.15-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
CVE-2025-25297
Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a cust...
CVE-2025-25297
Label Studio (Open Source) contains a CVE-2025-25297 SSRF in the S3 storage endpoint configuration prior to version 1.16.0. The s3_endpoint parameter is passed directly to the boto3 AWS SDK without validation, allowing an authenticated user to trigger HTTP requests to arbitrary internal services ...
Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint
Description: Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a custom S3 endpoint URL via the s3_endpoint parameter. This endpoint U...
Label Studio Code Issue Vulnerability
Label Studio is an open source data labeling tool from Heartex Open Source. It allows you to label data types such as audio, text, images, video, and time series using a straightforward UI and export to a variety of model formats. A code issue vulnerability exists in Label Studio versions prior t...
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this...
PT-2023-6517 · Dell · Dell Storage Integration Tools For Vmware +2
Name of the Vulnerable Software and Affected Versions: Dell Storage Integration Tools for VMware (DSITV) versions prior to 6.1.1; Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1; Replay Manager for VMware (RMSV) versions prior to 3.1.2. Description: The issue is related to an informatio...
CVE-2023-1282 Drag and Drop Multiple File Upload PRO - Reflected Cross-Site Scripting
The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the...
Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations < 5.0.6.3 - Path Traversal
The plugin does not properly check the value of the input "uploaddir", which is modifiable by the user. As a result, by changing the value of this input, it's possible to upload a file anywhere writable in the webserver. PoC 1. Create a contact form and add a "multiple file upload" field. 2. Add...
Veeam CDP service does not start after the installation of the storage integration plug-in
Challenge: Certain primary storage integration plug-in setup programs leave the Veeam Continuous Data Protection (Veeam CDP) service stopped after the installation. The following plug-ins are affected: Dell EMC SC Compellent Plug-In for Veeam Backup & Replication; Tintri IntelliFlash Plug-In for Veea...
“Storage connection failure” alarm during the backup jobs with storage integration activity.
Challenge: The alarm "Storage connection failure" is displayed in Veeam ONE when performing either of the following activities in Veeam Backup & Replication: Backup from Storage Snapshots; Restore from Storage Snapshots. While both Backup from Storage Snapshots and Restore from Storage Snapshots bo...
Release Notes for Veeam Backup & Replication 9.5 Update 2
More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 9.5 Update 2 Cause Please confirm you are running version 9.5.0.580, 9.5.0.711, 9.5.0.802, or 9.5.0.823 prior to...