CVE Alert: CVE-2024-38823
Vulnerability Summary: CVE-2024-38823 Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. Affected Endpoints:...
CVE
CVE Alert: CVE-2025-22242
Vulnerability Summary: CVE-2025-22242 Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method...
CVE Alert: CVE-2024-38825
Vulnerability Summary: CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is...
CVE Alert: CVE-2025-22241
Vulnerability Summary: CVE-2025-22241 File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated...
CVE Alert: CVE-2025-22237
Vulnerability Summary: CVE-2025-22237 An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a...
CVE Alert: CVE-2025-22238
Vulnerability Summary: CVE-2025-22238 Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory...
CVE Alert: CVE-2025-5923
Vulnerability Summary: CVE-2025-5923 The Game Review Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter...
CVE Alert: CVE-2025-22239
Vulnerability Summary: CVE-2025-22239 Arbitrary event injection on Salt Master. The master's "_minion_event" method can be used by and authorized minion...
CVE Alert: CVE-2024-38824
Vulnerability Summary: CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory....
CVE Alert: CVE-2025-6012
Vulnerability Summary: CVE-2025-6012 The Auto Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all...
CVE Alert: CVE-2025-48825
Vulnerability Summary: CVE-2025-48825 RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less...
CVE Alert: CVE-2025-46783
Vulnerability Summary: CVE-2025-46783 Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If this...
CVE Alert: CVE-2025-39240
Vulnerability Summary: CVE-2025-39240 Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation....
CVE Alert: CVE-2025-36506
Vulnerability Summary: CVE-2025-36506 External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions...
CVE Alert: CVE-2025-29902
Vulnerability Summary: CVE-2025-29902 Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. Affected Endpoints:...
CVE Alert: CVE-2025-45984
Vulnerability Summary: CVE-2025-45984 Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4...
CVE Alert: CVE-2025-45988
Vulnerability Summary: CVE-2025-45988 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4...
CVE Alert: CVE-2025-45986
Vulnerability Summary: CVE-2025-45986 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4...
CVE Alert: CVE-2025-45987
Vulnerability Summary: CVE-2025-45987 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4...
CVE Alert: CVE-2025-28388
Vulnerability Summary: CVE-2025-28388 OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. Affected Endpoints: No affected...
CVE Alert: CVE-2025-45985
Vulnerability Summary: CVE-2025-45985 Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4...
CVE Alert: CVE-2025-46060
Vulnerability Summary: CVE-2025-46060 Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the...
CVE Alert: CVE-2025-46096
Vulnerability Summary: CVE-2025-46096 Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy...
CVE Alert: CVE-2025-28384
Vulnerability Summary: CVE-2025-28384 An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal....
