GoCD Patches Critical Vulnerability Allowing User Privilege Escalation Open-source CI/CD platform GoCD has released an urgent security update to address a critical vulnerability that could allow malicious authenticated users to escalate their privileges to administrator … Read more Published Date: Jan 06, 2025 (12 hours, 41 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-10957 Go…

CVE ID : CVE-2025-0225 Published : Jan. 5, 2025, 5:15 p.m. | 1 hour, 58 minutes ago Description : A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: ‘/../filedir’. The…

CVE ID : CVE-2025-0226 Published : Jan. 5, 2025, 6:15 p.m. | 58 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this issue is the function download of the file /collect/PortV4/downLoad.html. The manipulation of the argument path leads to information disclosure.…

CVE ID : CVE-2025-0227 Published : Jan. 5, 2025, 6:15 p.m. | 58 minutes ago Description : A vulnerability, which was classified as problematic, was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This affects an unknown part of the file /Logs/Annals/downLoad.html. The manipulation of the argument path leads to information disclosure. It is possible to…

CVE ID : CVE-2025-0223 Published : Jan. 5, 2025, 4:15 p.m. | 2 hours, 58 minutes ago Description : A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference.…

CVE ID : CVE-2025-0224 Published : Jan. 5, 2025, 5:15 p.m. | 1 hour, 58 minutes ago Description : A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) and NVR5-8200PX up to 20241220. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /server.js. The manipulation leads to…

CVE ID : CVE-2025-0221 Published : Jan. 5, 2025, 3:15 p.m. | 3 hours, 58 minutes ago Description : A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference.…

CVE ID : CVE-2025-0222 Published : Jan. 5, 2025, 4:15 p.m. | 2 hours, 58 minutes ago Description : A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An…

CVE ID : CVE-2025-0220 Published : Jan. 5, 2025, 1:15 p.m. | 5 hours, 58 minutes ago Description : A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. This affects an unknown part of the component Ethernet Configuration Menu. The manipulation of the argument Hostname leads to cross site scripting. It is possible…

CVE ID : CVE-2024-13141 Published : Jan. 5, 2025, 3:15 p.m. | 3 hours, 58 minutes ago Description : A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross…