integratus systems

Exchange Platform Services

 
  • Join Now-Sign Up
  • Log In
Forgot Password integratus systems

Reset Password

IS Security Alerts Advisories

  • Multiple vulnerabilities in RICOH Streamline NX PC Client
    RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities. ... read more
  • 93.03850
    Newly Added (1)Android/NGate.S!trModified (3)Adware/Agent!AndroidAdware/SpyLoan!AndroidAndroid/KillFiles.QL!tr ... read more
  • CVE-2025-4863 | Advaya Softech GEMS ERP Portal 2.1 studentLogin.action userId sql injection
    A vulnerability, which was classified as critical, was found in Advaya Softech GEMS ERP Portal 2.1. This affects an unknown part of the file /studentLogin/studentLogin.action. The manipulation of the argument ... read more
  • CVE-2022-4363 | Wholesale Market Plugin prior 2.2.2 on WordPress Setting cross-site request forgery
    A vulnerability, which was classified as problematic, has been found in Wholesale Market Plugin and Wholesale Market for WooCommerce Plugin on WordPress. Affected by this issue is some unknown functionality ... read more
  • CVE-2025-47945 | donetick up to 0.1.43 JSON Web Token variable initialization (GHSA-hjjg-vw4j-986x)
    A vulnerability was found in donetick up to 0.1.43. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component JSON Web Token Handler. ... read more
  • CVE-2025-47786 | Emlog 2.5.13 /admin/comment.php perpage_num cross site scripting (GHSA-82qc-9vg7-2c6c)
    A vulnerability classified as problematic has been found in Emlog 2.5.13. Affected is an unknown function of the file /admin/comment.php. The manipulation of the argument perpage_num leads to cross site ... read more
  • CVE-2025-47785 | Emlog up to 2.5.9 admin/article_save.php origContent sql injection (GHSA-939m-47f7-m559)
    A vulnerability has been found in Emlog up to 2.5.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/article_save.php. The manipulation of the ... read more
  • CVE-2025-2203 | FunnelKit Plugin up to 3.10.1 on WordPress sql injection (EUVD-2025-15210)
    A vulnerability classified as critical has been found in FunnelKit Plugin up to 3.10.1 on WordPress. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is ... read more
  • CVE-2025-4871 | PCMan FTP Server 2.0.7 REST Command buffer overflow
    A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads ... read more
  • CVE-2025-4866 | weibocom rill-flow 0.1.18 Management Console code injection (Issue 102)
    A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. ... read more
  • CVE-2025-32407 | Samsung Internet for Galaxy Watch 5.0.9 TLS Certificate channel accessible (EUVD-2025-15549)
    A vulnerability classified as problematic was found in Samsung Internet for Galaxy Watch 5.0.9. Affected by this vulnerability is an unknown functionality of the component TLS Certificate Handler. The manipulation ... read more
  • CVE-2025-4872 | FreeFloat FTP Server 1.0 CCC Command buffer overflow
    A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer ... read more
  • CVE-2025-4190 | CSV Mass Importer Plugin up to 1.2 on WordPress unrestricted upload (EUVD-2025-15569)
    A vulnerability was found in CSV Mass Importer Plugin up to 1.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation ... read more
  • CVE-2025-48187 | infiniflow ragflow up to 0.18.1 excessive authentication (EUVD-2025-15586)
    A vulnerability was found in infiniflow ragflow up to 0.18.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper restriction ... read more
  • CVE-2025-47273 | pypa setuptools up to 78.1.0 PackageIndex path traversal (ID 4946 / EUVD-2025-15591)
    A vulnerability, which was classified as critical, has been found in pypa setuptools up to 78.1.0. Affected by this issue is some unknown functionality of the component PackageIndex. The manipulation ... read more
  • CVE-2025-1454 | Ninja Pages Plugin up to 1.4.2 on WordPress Admin Settings cross site scripting
    A vulnerability was found in Ninja Pages Plugin up to 1.4.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Admin Settings. ... read more
  • 93.03849
    Modified (7)Adware/Agent!AndroidAndroid/Agent.EHJ!tr.spyAndroid/Agent.FBE!trAndroid/Agent.FJL!trAndroid/Banker.CNB!tr.spyAndroid/KillFiles.QL!trAndroid/KillFiles.QM!tr ... read more
  • ISC Stormcast For Friday, June 13th, 2025 https://isc.sans.edu/podcastdetail/9492, (Fri, Jun 13th)
    ... read more
  • 93.03848
    Newly Added (1)Android/KillFiles.YL!trModified (16)Adware/Fyben!AndroidAdware/Keylogger!AndroidAdware/SpyLoan!AndroidAndroid/Agent.DUU!tr.spyAndroid/Agent.EHJ!tr.spyAndroid/Agent.EIG!tr.spyAndroid/Agent.FJL!trAndroid/Agent.JZJ!trAndroid/Banker.BGB!tr.spyAndroid/Banker.CHE!tr.spyAndroid/Banker.DOJ!tr.spyAndroid/GriftHorse.B!trAndroid/KillFiles.BS!trAndroid/KreditSpy.S!tr.spyRiskware/Application!AndroidRiskware/Spamtool!Android ... read more
  • SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
    Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038 EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data ... read more
  • CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload
    A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads ... read more
  • CVE-2025-45238 | FoxCMS 1.2.5 delRestoreSerie denial of service
    A vulnerability was found in FoxCMS 1.2.5. It has been rated as problematic. This issue affects the function delRestoreSerie. The manipulation leads to denial of service. The identification of this ... read more
  • CVE-2025-45240 | FoxCMS 1.2.5 DataBackup.php executeCommand sql injection (EUVD-2025-13452)
    A vulnerability, which was classified as critical, was found in FoxCMS 1.2.5. This affects the function executeCommand of the file DataBackup.php. The manipulation leads to sql injection. This vulnerability is ... read more
  • CVE-2025-45239 | FoxCMS 2.0.6 Restore DataBackup.php path traversal
    A vulnerability, which was classified as critical, was found in FoxCMS 2.0.6. Affected is an unknown function of the file DataBackup.php of the component Restore Handler. The manipulation leads to ... read more
  • CVE-2025-48797 | GIMP TGA Image Parser Pufferüberlauf
    In GIMP wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht näher bekannte Funktion der Komponente TGA Image Parser. Durch Beeinflussen mit unbekannten Daten kann eine Pufferüberlauf-Schwachstelle ausgenutzt werden. ... read more
  • CVE-2025-48057 | Icinga icinga2 bis 2.12.11/2.13.11/2.14.5 VerifyCertificate Remote Code Execution
    In Icinga icinga2 bis 2.12.11/2.13.11/2.14.5 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion VerifyCertificate. Durch Manipulieren mit unbekannten Daten kann eine Remote Code Execution-Schwachstelle ... read more
  • CVE-2025-3704 | DBAR Productions Volunteer Sign Up Sheets Plugin bis 5.5.4 auf WordPress Cross Site Scripting
    Es wurde eine problematische Schwachstelle in DBAR Productions Volunteer Sign Up Sheets Plugin bis 5.5.4 für WordPress gefunden. Es geht dabei um eine nicht klar definierte Funktion. Dank Manipulation mit ... read more
  • CVE-2025-48796 | GIMP ANI File Parser ani_load_image Pufferüberlauf
    Es wurde eine kritische Schwachstelle in GIMP entdeckt. Betroffen hiervon ist die Funktion ani_load_image der Komponente ANI File Parser. Durch das Beeinflussen mit unbekannten Daten kann eine Pufferüberlauf-Schwachstelle ausgenutzt werden. ... read more
  • CVE-2025-27701 | Google Android process_crypto_cmd ptrs Pufferüberlauf
    Es wurde eine Schwachstelle in Google Android entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es die Funktion process_crypto_cmd. Durch das Manipulieren des Arguments ptrs mit unbekannten Daten kann eine ... read more
  • CVE-2025-27700 | Google Android Local Privilege Escalation
    Eine problematische Schwachstelle wurde in Google Android ausgemacht. Dies betrifft einen unbekannten Teil. Mittels Manipulieren mit unbekannten Daten kann eine Local Privilege Escalation-Schwachstelle ausgenutzt werden. Auf source.android.com kann das Advisory ... read more
  • CVE-2024-56193 | Google Android Bluetooth Adapter Information Disclosure
    In Google Android wurde eine problematische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Komponente Bluetooth Adapter. Mittels dem Manipulieren mit unbekannten Daten kann eine Information Disclosure-Schwachstelle ausgenutzt werden. Bereitgestellt ... read more
  • CVE-2025-48370 | auth-js bis 2.69.0 API schwache Authentisierung (GHSA-8r88-6cj9-9fh5)
    Es wurde eine kritische Schwachstelle in auth-js bis 2.69.0 ausgemacht. Es betrifft die Funktion getUserById/deleteUser/updateUserById/listFactors/deleteFactor der Komponente API. Durch Manipulation mit unbekannten Daten kann eine schwache Authentisierung-Schwachstelle ausgenutzt werden. Das ... read more
  • CVE-2025-2236 | OpenText Advanced Authentication bis 6.4 Local Privilege Escalation
    In OpenText Advanced Authentication bis 6.4 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion. Mit der Manipulation mit unbekannten Daten kann eine Local Privilege ... read more
  • CVE-2025-48383 | codingjoe django-select2 bis 8.4.0 auf Select2 ModelSelect2MultipleWidget/ModelSelect2Widget Remote Code Execution (GHSA-wjrh-hj83-3wh7)
    Eine kritische Schwachstelle wurde in codingjoe django-select2 bis 8.4.0 für Select2 gefunden. Hierbei geht es um die Funktion ModelSelect2MultipleWidget/ModelSelect2Widget. Durch die Manipulation mit unbekannten Daten kann eine Remote Code Execution-Schwachstelle ... read more
  • CVE-2025-48798 | GIMP XCF Image Parser Pufferüberlauf
    Eine kritische Schwachstelle wurde in GIMP entdeckt. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente XCF Image Parser. Dank der Manipulation mit unbekannten Daten kann eine Pufferüberlauf-Schwachstelle ... read more
  • Securing Your SSH authorized_keys File, (Tue, May 27th)
    This is nothing "amazingly new", but more of a reminder to secure your "authorized_keys" file for SSH. One of the first things I see even simple bots do to obtain ... read more
  • CVE-2022-34026 | ICEcoder 8.1 pathname traversal
    A vulnerability classified as critical has been found in ICEcoder 8.1. Affected is an unknown function. The manipulation leads to pathname traversal. This vulnerability is traded as CVE-2022-34026. Access to ... read more
  • CVE-2022-40088 | Simple College Website 1.0 index.php? page cross site scripting
    A vulnerability, which was classified as problematic, was found in Simple College Website 1.0. This affects an unknown part of the file /college_website/index.php?. The manipulation of the argument page leads ... read more
  • CVE-2022-40089 | Simple College Website 1.0 file inclusion
    A vulnerability, which was classified as critical, has been found in Simple College Website 1.0. Affected by this issue is some unknown functionality. The manipulation leads to file inclusion. This ... read more
  • CVE-2022-31937 | Netgear N300 1.0.0.70 uhttpd stack-based overflow
    A vulnerability was found in Netgear N300 1.0.0.70. It has been classified as critical. Affected is an unknown function of the component uhttpd. The manipulation leads to stack-based buffer overflow. ... read more
  • CVE-2022-37234 | Netgear Nighthawk AC1900 1.0.11.134_10.2.119 Firmware wl strncpy stack-based overflow
    A vulnerability classified as critical was found in Netgear Nighthawk AC1900 1.0.11.134_10.2.119. This vulnerability affects the function strncpy of the file wl of the component Firmware. The manipulation leads to ... read more
  • CVE-2022-37235 | Netgear Nighthawk AC1900 1.0.11.134_10.2.119 wl strncat stack-based overflow
    A vulnerability has been found in Netgear Nighthawk AC1900 1.0.11.134_10.2.119 and classified as critical. Affected by this vulnerability is the function strncat of the file wl. The manipulation leads to ... read more
  • CVE-2022-35024 | OTFCC 617837b memmove-vec-unaligned-erms.S memory corruption
    A vulnerability classified as critical has been found in OTFCC 617837b. Affected is an unknown function of the file /multiarch/memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. This vulnerability is traded ... read more
  • CVE-2022-40087 | Simple College Website 1.0 file_put_contents unrestricted upload
    A vulnerability classified as critical was found in Simple College Website 1.0. Affected by this vulnerability is the function file_put_contents. The manipulation leads to unrestricted upload. This vulnerability is known ... read more
  • CVE-2025-44864 | Tenda W20E 15.11.0.6 formSetDebugCfg module command injection (EUVD-2025-13264)
    A vulnerability was found in Tenda W20E 15.11.0.6. It has been classified as critical. This affects the function formSetDebugCfg. The manipulation of the argument module leads to command injection. This ... read more
  • CVE-2025-32884 | Tenna Mesh Device 1.1.12 Phone Number information disclosure (EUVD-2025-13280)
    A vulnerability was found in Tenna Mesh Device 1.1.12 and classified as problematic. This issue affects some unknown processing of the component Phone Number Handler. The manipulation leads to information ... read more
  • CVE-2025-46633 | Tenda RX2 Pro 16.03.30.14 Web Management Portal cleartext transmission (EUVD-2025-13262)
    A vulnerability, which was classified as problematic, has been found in Tenda RX2 Pro 16.03.30.14. Affected by this issue is some unknown functionality of the component Web Management Portal. The ... read more
  • CVE-2025-5159 | H3C SecCenter SMP-E1114P02 up to 20250513 /cfgFile/1/download Name path traversal
    A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been rated as problematic. This issue affects the function Download of the file /cfgFile/1/download. The manipulation of ... read more
  • CVE-2025-46630 | Tenda RX2 Pro 16.03.30.14 Web Management Portal /goform/ate access control (EUVD-2025-13266)
    A vulnerability was found in Tenda RX2 Pro 16.03.30.14. It has been classified as critical. This affects an unknown part of the file /goform/ate of the component Web Management Portal. ... read more
  • CVE-2025-32890 | Tenna Mesh Device 1.1.12 integrity check (EUVD-2025-13274)
    A vulnerability, which was classified as problematic, has been found in Tenna Mesh Device 1.1.12. This issue affects some unknown processing. The manipulation leads to improper validation of integrity check ... read more

integratus systems © 2025

KAVI IS iCOMMEX Platform v 02.25 Tuesday, June 17, 2025

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

Security Briefing Search

PDF Library Search

Search

Reset Password

Reset Password

You have no permission to access this content