CVE-2025-58161 – MobSF Directory Traversal Vulnerability
MobSF is a mobile application security testing tool. In version 4.4.0, the GET /download/ route uses string path verification via os.path.commonprefix, which allows an authenticated user to download files outside the DWD_DIR download directory from “neighboring” directories whose absolute paths begin with the same prefix as DWD_DIR (e.g., …/downloads_bak, …/downloads.old). This is a Directory […]
CVE-2025-57808 – ESPHome Web Server Authentication Bypass Vulnerability
ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform, ESPHome’s web_server authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value. This allows access to web_server functionality (including OTA, if enabled) without knowing any […]
CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers
HashiCorp has issued a security advisory for a newly disclosed vulnerability in Vault, its widely used secrets management platform. Tracked as CVE-2025-6203 and rated CVSS 7.5 (High), the flaw could a … Published Date: Sep 02, 2025 (4 hours, 1 minute ago) Vulnerabilities has […]
A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry
Okta Threat Intelligence is sounding the alarm over a large-scale phishing campaign that has been actively impersonating major player … Published Date: Sep 02, 2025 (4 hours, 42 minutes ago) Vulnerabilities […]
CVE-2025-9802 – RemoteClinic SQL Injection Vulnerability
Affected Products: The following products are affected by the CVE-2025-9802 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below. No affected product recorded yet.
CVE-2025-58158 Flaw in Harness Gitness Allows Arbitrary File Write
The open-source DevOps ecosystem has been hit with another critical security issue—this time in Harness Open Source, a platform that combines code hosting, automated pipelines, Gitspaces, and artifact … Published Date: Sep 02, 2025 (4 hours, 57 minutes ago) Vulnerabilities has been mentioned in this article. […]
CVE-2025-9801 – SimStudioAI Path Traversal Remote Vulnerability
The following table lists the changes that have been made to the CVE-2025-9801 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 01, 2025 Action […]
CVE-2025-9800 – SimStudioAI HTML File Parser Unrestricted File Upload Vulnerability
The following table lists the changes that have been made to the CVE-2025-9800 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 01, 2025 Action […]