Lucene search

6028 matches found

OSV
added 2025/08/14 6:52 p.m., 3 views

MAL-2025-16199 Malicious code in browser-sync-task-runner (npm)

The package browser-sync-task-runner was found to contain malicious code...

7.2 AI score
Exploits: 0
OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 5 views

Malicious code in browser-sync-task-runner (npm)

The package browser-sync-task-runner was found to contain malicious code...

7 AI score
Exploits: 0
OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 4 views

Malicious code in js-task-paths (npm)

The package js-task-paths was found to contain malicious code...

7 AI score
Exploits: 0
RedhatCVE
added 2025/08/14 4:54 p.m., 5 views

CVE-2025-55011

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 7.2 AI score, 0.00326 EPSS
Exploits: 1, References: 1
NVD
added 2025/08/14 9:15 a.m., 8 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

5.3 CVSS, 0.00279 EPSS
Exploits: 0, References: 1
CVE
added 2025/08/14 9:07 a.m., 16 views

CVE-2025-48861

CVE-2025-48861 describes a vulnerability in the Task API endpoint of the ctrlX OS setup mechanism, where an unauthenticated, remote attacker could access and exfiltrate internal application data (e.g., debug logs and the version of installed apps). Public sources consistently tie the issue to ina...

5.3 CVSS, 7.2 AI score, 0.00279 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/08/14 9:07 a.m., 13 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

5.3 CVSS, 0.00279 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/08/14 9:07 a.m., 4 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

5.3 CVSS, 7.2 AI score, 0.00279 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/08/14 12:00 a.m., 4 views

WordPress plugin AI Tools security vulnerability

WordPress AI Tools plugin is a WordPress plugin based on Artificial Intelligence technology, which is mainly used to optimize website content generation, automate task processing and improve website performance. WordPress AI Tools plugin suffers from a lack of authorization vulnerability, no...

6.5 CVSS, 6.7 AI score, 0.00299 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2025/08/14 12:00 a.m., 10 views

PT-2025-33139 · Ctrlx Os · Ctrlx Os

Name of the Vulnerable Software and Affected Versions: ctrlX OS, affected versions not specified. Description: A vulnerability exists in the Task API endpoint of the ctrlX OS setup mechanism. This allows a remote, unauthenticated attacker to access and extract internal application data, including...

5.3 CVSS, 6.9 AI score, 0.00279 EPSS
Exploits: 0, References: 5
CNNVD
added 2025/08/14 12:00 a.m., 4 views

BOSCH ctrlX OS security vulnerability

BOSCH ctrlX OS is a Linux-based real-time operating system from the German company BOSCH. A security vulnerability exists in BOSCH ctrlX OS that stems from improper access control of Task API endpoints, which could lead to internal application data disclosure...

5.3 CVSS, 6.6 AI score, 0.00279 EPSS
Exploits: 0, References: 1
NVD
added 2025/08/12 4:15 p.m., 9 views

CVE-2025-55011

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 0.00326 EPSS
Exploits: 1, References: 3
OSV
added 2025/08/12 4:15 p.m., 5 views

DEBIAN-CVE-2025-55011

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

5.3 CVSS, 5.4 AI score, 0.00326 EPSS
Exploits: 1, References: 1
Cvelist
added 2025/08/12 3:57 p.m., 10 views

CVE-2025-55011 Kanboard Path Traversal in File Write via Task File Upload Api

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 0.00326 EPSS
Exploits: 1, References: 3
Vulnrichment
added 2025/08/12 3:57 p.m., 4 views

CVE-2025-55011 Kanboard Path Traversal in File Write via Task File Upload Api

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 7.1 AI score, 0.00326 EPSS
Exploits: 1, References: 3
CVE
added 2025/08/12 3:57 p.m., 29 views

CVE-2025-55011

Kanboard prior to version 1.2.47 is affected by a path-traversal/file-write vulnerability in the API’s createTaskFile handler. The issue arises because task_id validation is missing and path traversal is not checked, allowing a malicious actor to write files to arbitrary locations reachable by th...

6.4 CVSS, 7.1 AI score, 0.00326 EPSS
Exploits: 1, References: 3, Affected Software: 1
OSV
added 2025/08/12 3:57 p.m., 6 views

CVE-2025-55011 Kanboard Path Traversal in File Write via Task File Upload Api

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 6.6 AI score, 0.00326 EPSS
Exploits: 1, References: 5
Debian CVE
added 2025/08/12 3:57 p.m., 4 views

CVE-2025-55011

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file...

6.4 CVSS, 5.3 AI score, 0.00326 EPSS
Exploits: 1
CNNVD
added 2025/08/12 12:00 a.m., 4 views

Kanboard security vulnerability

Kanboard is a suite of open source visual task board software from Kanboard Open Source. The software has the ability to customize the panels based on the business. A security vulnerability exists in Kanboard versions prior to 1.2.47, which stems from the API not validating the task_id parameter a...

6.4 CVSS, 6.5 AI score, 0.00326 EPSS
Exploits: 1, References: 4
Tenable Nessus
added 2025/08/12 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-12154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02...

7.1 CVSS, 6.6 AI score, 0.00512 EPSS
Exploits: 0, References: 2