giulioschiavone/Vulnerability-Research

Releases0

All cve discovered - Use for tracking

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-67397 ↗	Jan 5, 2026Monday, 5 January 2026, 19:15	9.1 CRITICAL	—
An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection.
CVE-2025-61198 ↗	Oct 6, 2025Monday, 6 October 2025, 14:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
CVE-2025-61197 ↗	Oct 6, 2025Monday, 6 October 2025, 14:15	8.9 HIGH	—
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage