592 matches found
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...
Stored XSS in n8n Form Trigger allows Account Takeover via injected iframe and video/source
Impact A stored Cross-Site Scripting XSS vulnerability was identified in n8n, specifically in the Form Trigger node's HTML form element. An authenticated attacker can inject malicious HTML via an with a srcdoc payload that includes arbitrary JavaScript execution. The attacker can also inject...
CVE-2025-54472 Apache bRPC: Redis Parser Remote Denial of Service
Unlimited memory allocation in redis protocol parser in Apache bRPC all versions 1.14.1 on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers re...
EulerOS 2.0 SP11 : vim (EulerOS-SA-2025-1945)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the :redir ex command to register,...
Exploit for Code Injection in Xwiki
📜 Description A critical RCE vulnerability exists in...
CVE-2025-8518
A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has bee...
CVE-2025-8517 givanz Vvveb session fixiation
A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0.7 is recommended to address this issue. The patch is...
CVE-2025-54418
CodeIgniter4 (PHP) vulnerability: ImageMagick handler (imagick) allows command injection when processing uploads with user-controlled filenames (resize()) or text operations (text()) in versions prior to 4.6.2. Root cause is unsafe handling of user input in ImageMagick workflows, enabling shell m...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to command injection due to the lodash package (CVE-2021-23337)
Summary Lodash is used by DataStage on Cloud Pak for Data as part of data manipulation. Vulnerability Details CVEID:CVE-2021-23337 DESCRIPTION: Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. CWE:CWE-94: Improper Control of Generation of Code 'Code...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to a null pointer dereference due to the libarchive package (CVE-2024-48615)
Summary libarchive is used by DataStage on Cloud Pak for Data as part of data formatting. Vulnerability Details CVEID:CVE-2024-48615 DESCRIPTION: Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function headerpaxextension at...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to unwanted disconnects due to the gRPC package (CVE-2023-33953)
Summary gRPC is used by DataStage on Cloud Pak for Data as part of service communication. Vulnerability Details CVEID:CVE-2023-33953 DESCRIPTION: gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to out of bounds memory access due to the libssh2 package (CVE-2020-22218)
Summary libssh2 is used by DataStage on Cloud Pak for Data as part of secure communications. Vulnerability Details CVEID:CVE-2020-22218 DESCRIPTION: An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory. CWE:CWE-787: Out-of-bounds...
CVE-2025-7338
Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. This request causes an unhandled...
CVE-2025-7339 on-headers vulnerable to http response header manipulation
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions 1.1.0 may result in response headers being inadvertently modified when an array is passed to response.writeHead. Users should upgrade to version 1.1.0 to receive a patch. Uses are...
CVE-2025-7338
CVE-2025-7338 affects Multer (Node.js middleware for multipart/form-data) and can trigger a DoS via a malformed multipart upload. The issue exists in versions 1.4.4-lts.1 through prior to 2.0.2, causing an unhandled exception and process crash. The recommended fix is to upgrade to Multer 2.0.2 ; ...
CVE-2025-53836 XWiki Rendering is vulnerable to RCE attacks when processing nested macros
XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...
XWiki Rendering is vulnerable to XSS attacks through insecure XHTML syntax
Impact The XHTML syntax depended on the xdom+xml/current syntax which allows the creation of raw blocks that permit the insertion of arbitrary HTML content including JavaScript. This allows XSS attacks for users who can edit a document like their user profile enabled by default. The attack works ...
CBL Mariner 2.0 Security Update: coredns (CVE-2025-47950)
The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47950 advisory. - CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS...
CVE-2025-7053
A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The attack may be initiated remotely. Upgrading to version...