#vulnerability

### Summary A directory traversal vulnerability in NiceGUI's `App.add_media_files()` allows a remote attacker to read arbitrary files on the server filesystem. ### Details Hello, I am Seungbin Yang, a university student studying cybersecurity. While reviewing the source code of the repository, I discovered a potential vulnerability and successfully verified it with a PoC. The `App.add_media_files(url_path, local_directory)` method allows users to serve media files. However, the implementation lacks proper path validation. ```python def add_media_files(self, url_path: str, local_directory: Union[str, Path]) -> None: @self.get(url_path.rstrip('/') + '/{filename:path}') def read_item(request: Request, filename: str, nicegui_chunk_size: int = 8192) -> Response: filepath = Path(local_directory) / filename if not filepath.is_file(): raise HTTPException(status_code=404, detail='Not Found') return get_range_response(filepath, request, chunk_siz...

Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensitive corporate information.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: D-Link (India Limited), Sparsh Securitech, Securus CCTV Equipment: DCS-F5614-L1 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information disclosure including capture of camera account credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following D-Link CCTV camera model is confirmed to be affected; specific affected models for Sparsh Securitech and Securus CCTV are unavailable: DCS-F5614-L1: Versions v1.03.038 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL. CVE-2025-13607 has been assigned to this vulnerability. A CVSS v3 base score of 9.4 has been calculated; the CVSS vector string is ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: U-Boot Equipment: U-Boot Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code 2. RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of U-boot is affected: U-boot: All versions prior to 2017.11 The following specific chips have been confirmed to be affected: Qualcomm IPQ4019 Qualcomm IPQ5018 Qualcomm IPQ5322 Qualcomm IPQ6018 Qualcomm IPQ8064 Qualcomm IPQ8074 Qualcomm IPQ9574 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER ACCESS CONTROL FOR VOLATILE MEMORY CONTAINING BOOT CODE CWE-1274 The affected products are vulnerable to a bootloader vulnerability, which could allow an attacker to execute arbitrary code. CVE-2025-24857 has been assigned to this vulnerability. A CVSS v3 base score of 8.4 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo SE & Co. KG Equipment: LX Appliance Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a user of LX Appliance with a high privilege account to craft a malicious course and launch an XSS attack. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Festo reports that the following products are affected: Festo Software LX Appliance: Versions prior to June 2023 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 The "src" attribute of the "track" tag allows a malicious user to bypass HTML escaping and execute arbitrary code. This affects the package video.js before 7.14.3. CVE-2021-23414 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 3.3 BAC...

Google on Monday announced a set of new security features in Chrome, following the company's addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to exploit indirect prompt injections that arise as a result of exposure to untrusted web content and inflict harm. Chief

Cisco Talos has uncovered a new DeadLock ransomware campaign using a previously unknown BYOVD loader to exploit a Baidu Antivirus driver vulnerability, letting threat actors disable EDR defenses and escalate attacks.

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.