836 matches found

OSV
added 2025/02/25 5:48 p.m. | 8 views

CVE-2025-23046 GLPI vulnerable to unauthorized authentication by email using the OAuthIMAP plugin

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an OAuth connection provided by the OAuthIMAP plugin, anyone can connect to GLPI using a user name on which an OAuth...

CVSS 6.3 | AI score 4.8 | EPSS 0.00047
Exploits: 0 | References: 4

Cvelist
added 2025/02/25 3:47 p.m. | 12 views

CVE-2025-23024 GLPI: Plugins are disabled accessing one page

GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the install/update.php file...

CVSS 6.9 | EPSS 0.00157
Exploits: 0 | References: 2

Vulnrichment
added 2025/02/25 3:47 p.m. | 12 views

CVE-2025-23024 GLPI: Plugins are disabled accessing one page

GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the install/update.php file...

CVSS 6.9 | AI score 6.5 | EPSS 0.00157
Exploits: 0 | References: 2

OSV
added 2025/02/24 6:43 p.m. | 6 views

CVE-2025-27133 WeGIA has SQL Injection endpoint at 'dao/pet/adicionar_tipo_exame.php' parameter 'tipo_exame'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was discovered in the WeGIA application prior to version 3.2.15 at the adicionar_tipo_exame.php endpoint. This vulnerability allows an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive...

CVSS 9.4 | AI score 8.2 | EPSS 0.00393
Exploits: 1 | References: 4

OSV
added 2025/02/24 6:37 p.m. | 5 views

CVE-2025-27112 Navidrome has authentication bypass in Subsonic API with non-existent username

Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...

CVSS 6.9 | AI score 6.9 | EPSS 0.28457
Exploits: 1 | References: 4

Vulnrichment
added 2025/02/24 6:37 p.m. | 21 views

CVE-2025-27112 Navidrome has authentication bypass in Subsonic API with non-existent username

Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...

CVSS 6.9 | AI score 6.9 | EPSS 0.28457
Exploits: 1 | References: 2

Cvelist
added 2025/02/14 7:31 p.m. | 17 views

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parse(options) call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the...

CVSS 5.3 | EPSS 0.00081
Exploits: 0 | References: 3

Vulnrichment
added 2025/02/14 7:31 p.m. | 17 views

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parse(options) call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the...

CVSS 5.3 | AI score 6.8 | EPSS 0.00081
Exploits: 0 | References: 3

CVE
added 2025/02/14 7:31 p.m. | 312 views

CVE-2025-25285

CVE-2025-25285 affects the npm package @octokit/endpoint. The vulnerability arises in endpoint.parse(options) via crafted options in versions from 4.1.0 up to, but not including, 10.1.3, causing a ReDoS that can hang the program and raise CPU usage. A fix is available in version 10.1.3 (patch applied) and later....

CVSS 5.3 | AI score 6.8 | EPSS 0.00081
Exploits: 0 | References: 3

OSV
added 2025/02/14 7:25 p.m. | 7 views

CVE-2025-25297 Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint

Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a cust...

CVSS 8.6 | AI score 6.7 | EPSS 0.00051
Exploits: 1 | References: 4

RedhatCVE
added 2025/02/14 6:23 p.m. | 4 views

CVE-2025-25283

parse-duraton is software that allows users to convert a human readable duration to milliseconds. Versions prior to 2.1.3 are vulnerable to an event loop delay due to the CPU-bound operation of resolving the provided string, from a 0.5ms and up to 50ms per one operation, with a varying size from...

CVSS 7.5 | AI score 6.5 | EPSS 0.00117
Exploits: 0 | References: 1

Vulnrichment
added 2025/02/12 5:46 p.m. | 11 views

CVE-2025-25198 mailcow: dockerized vulnerable to password reset poisoning

mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the Host HTTP header to generate a password reset link pointing to an attacker-controlled domain. This...

CVSS 7.1 | AI score 7 | EPSS 0.05808
Exploits: 4 | References: 1

CBLMariner
added 2025/02/12 4:49 a.m. | 7 views

CVE-2024-45341 affecting package msft-golang for versions less than 1.23.3-2

CVE-2024-45341 affecting package msft-golang for versions less than 1.23.3-2. A patched version of the package is available...

CVSS 6.1 | AI score 6.6 | EPSS 0.00119
Exploits: 0

Cvelist
added 2025/02/11 10:47 p.m. | 14 views

CVE-2025-25203 Ctrlpanel has stored XSS vulnerability in TicketsController priority field

CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the TicketsController and Moderation/TicketsController due to insufficient input validation on the priority field during ticket creation and unsafe rendering o...

CVSS 8.1 | EPSS 0.00101
Exploits: 0 | References: 2

Vulnrichment
added 2025/02/11 10:47 p.m. | 7 views

CVE-2025-25203 Ctrlpanel has stored XSS vulnerability in TicketsController priority field

CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the TicketsController and Moderation/TicketsController due to insufficient input validation on the priority field during ticket creation and unsafe rendering o...

CVSS 8.1 | AI score 7.1 | EPSS 0.00101
Exploits: 0 | References: 2

CVE
added 2025/02/11 10:47 p.m. | 61 views

CVE-2025-25203

CVE-2025-25203 affects CtrlPanel (open-source billing software). The XSS vulnerability exists in the TicketsController and Moderation/TicketsController due to insufficient input validation on the priority field during ticket creation and unsafe rendering of this field in the moderator panel. Vers...

CVSS 8.1 | AI score 7.2 | EPSS 0.00101
Exploits: 0 | References: 2

Debian CVE
added 2025/02/10 9:57 p.m. | 8 views

CVE-2025-24970

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler, it doesn't correctly handle validation of such a packet in all cases, which can lead...

CVSS 7.5 | AI score 6.3 | EPSS 0.00953
Exploits: 1

CVE
added 2025/02/10 9:57 p.m. | 528 views

CVE-2025-24970

CVE-2025-24970 (Netty) affects Netty 4.1.91.Final through 4.1.118.Final. A crafted packet via SslHandler can fail validation, causing a native crash. A patch exists in 4.1.118.Final. Workarounds include disabling the native SSLEngine or applying code-level changes as noted by advisories. IBM bull...

CVSS 7.5 | AI score 7.4 | EPSS 0.00953
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2025/02/10 9:57 p.m. | 17 views

CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler, it doesn't correctly handle validation of such a packet in all cases, which can lead...

CVSS 7.5 | AI score 7.5 | EPSS 0.00953
Exploits: 1 | References: 2

Tenable Nessus
added 2025/02/10 12:00 a.m. | 5 views

Azure Linux 3.0 Security Update: ruby / rubygem-rexml (CVE-2024-35176)

The version of ruby / rubygem-rexml installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35176 advisory. - REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.08428
Exploits: 1 | References: 2