CVE Brief Security Intelligence

A vulnerability was found in D-Link DIR-513 up to 20190831

The Ajax Load More plugin before 2

A vulnerability was found in Tenda AC7 15

Ai2 playground web service (playground

Path Traversal vulnerability in onnx

A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2

Remote Code Execution in letta

Cross-site Scripting (XSS) in aimhubio Aim 3

Memory safety bugs present in Firefox ESR 115

Memory safety bugs present in Firefox ESR 128

Memory safety bugs present in Firefox ESR 140

Type Confusion in V8 in Google Chrome prior to 138

Type Confusion in V8 in Google Chrome prior to 138

A vulnerability has been found in Tenda AC23 16

The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rp_user_profile() AJAX handler in versions 0

The Social Streams plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1

All versions of the package bun are vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the $ shell API due to improper neutralization of user input

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection

An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint event_mail_test)

An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting)

IBM Engineering Systems Design Rhapsody 9

IBM Engineering Systems Design Rhapsody 9

An issue has been discovered in GitLab CE/EE affecting all versions from 15

All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery

The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7

The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3

The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1

Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags

Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code

XSLT document loading did not correctly propagate the source document which bypassed its CSP

Thunderbird cached CORS preflight responses across IP address changes

In some cases search terms persisted in the URL bar even after navigating away from the search page

DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection

A vulnerability has been found in Dahua products

A vulnerability has been found in Dahua products

Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM)

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file

Roo Code is an AI-powered autonomous coding agent that lives in users' editors

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe

Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature This issue affects the following versions : * Devolutions Server 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 15

Kyverno is a policy engine designed for cloud native platform engineering teams

A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8

A denial of service vulnerability exists in the Bloomberg Comdb2 8

A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of Bloomberg Comdb2 8

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8

A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8

DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community

DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers

yt-dlp is a feature-rich command-line audio/video downloader

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems

pyLoad is a free and open-source Download Manager written in pure Python

ViewVC is a browser interface for CVS and Subversion version control repositories

All versions of the package files-bucket-server are vulnerable to Directory Traversal where an attacker can traverse the file system and access files outside of the intended directory

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces

A vulnerability was found in code-projects Public Chat Room 1

An issue was discovered in AlertEnterprise Guardian 4

An issue was discovered in AlertEnterprise Guardian 4

HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend

Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass

A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution

WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in WebGUI

The Nginx Cache Purge Preload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection

In Pluck CMS 4

Path Traversal in restore_run_backup() in AIM 3