Vitest is a testing framework powered by Vite. Affected versions are subject to arbitrary remote code execution when accessing a malicious website while the Vitest API server is listening by Cross-site We ...
February 23, 2025
stimulus_reflex is a system to extend the capabilities of both Rails and Stimulus by intercepting user interactions and passing them to Rails over real-time websockets. In affected versions more metho ...
February 23, 2025
Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 allows attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a ma ...
February 23, 2025
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal ca ...
February 23, 2025
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS), with the privileges of the site user of the targeted BeyondTrust ...
February 21, 2025
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS), with the privileges of the site user of the targeted BeyondTrust ...
February 20, 2025
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS), with the privileges of the site user of the targeted BeyondTrust ...
February 17, 2025
Vitest is a testing framework powered by Vite. Affected versions are subject to arbitrary remote code execution when accessing a malicious website while the Vitest API server is listening by Cross-site We ...
February 12, 2025