Tagged: Cybersecurity Alert

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted...

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The ‘www-data’ user is a member of the ‘nagios’ group, which...

A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such manipulation leads to sql injection. The attack can...

Nagios Log Server versions prior to 2026R1.0.1 contain an authenticated command injection vulnerability in the experimental ‘Natural Language Queries’ feature. When this feature is configured, certain user-controlled settings—including model selection and connection parameters—are read...

PDFPatcher thru 1.1.3.4663 executable’s XML bookmark import functionality does not restrict XML external entity (XXE) references. The application uses .NET’s XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from...

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations. More information : https://github.com/cydtseng/Vulnerability-Research/blob/main/pdfpatcher/DirectoryTraversal-ImageExport.md

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with ‘Configuration Edit’ permissions to...

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /saveorder.php. Such manipulation of the argument ID leads to sql injection....

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated...

An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager, enabling an attacker with valid API tokens to inject SQL via crafted input. The API is not enabled by default,...

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections...

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information...

GoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy server. This can be problematic if the GoSign Desktop user selects an arbitrary proxy server without consideration of whether outbound...