Riasztások | HunCERT csoport

2025. március 18.

NA - CVE-2025-2494 - Unrestricted file upload to Softdial Contact...

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which...

security-database.com

Tovább

2025. március 18.

NA - CVE-2025-2495 - Stored Cross-Site Scripting (XSS) in Softdial...

Stored Cross-Site Scripting (XSS) in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to upload XML files to the server with JavaScript code injected via the...

security-database.com

Tovább

2025. március 18.

NA - CVE-2023-47539 - An improper access control vulnerability in...

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may allow a remote unauthenticated attacker to bypass admin...

security-database.com

Tovább

2025. március 18.

NA - CVE-2024-21760 - An improper control of generation of code...

An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all...

security-database.com

Tovább

2025. március 18.

Critical - CVE-2024-8997 - Improper Neutralization of Special Elements...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vestel EVC04 Configuration Interface allows SQL Injection.This issue affects EVC04...

security-database.com

Tovább

2025. március 18.

NA - CVE-2025-25500 - An issue in CosmWasm prior to v2.2.0 allows...

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a...

security-database.com

Tovább

2025. március 18.

NA - CVE-2025-2449 - NI FlexLogger usiReg URI File Parsing Directory...

NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI...

security-database.com

Tovább

2025. március 18.

NA - CVE-2025-2450 - NI Vision Builder AI VBAI File Processing...

NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI...

security-database.com

Tovább

2025. március 18.

Low - CVE-2025-2490 - A vulnerability was found in Dromara ujcms...

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file...

security-database.com

Tovább

2025. március 18.

NA - CVE-2025-30106 - On IROAD v9 devices, the dashcam has hardcoded...

On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device's...

security-database.com

Tovább

Telefon:	+36 1 279 6222 (09:00-16:00)
Email:	@email
Cím:	1111 Budapest, Kende u. 13-17.