❌

Reading view

[REVIVE-SA-2026-003] Revive Adserver Vulnerabilities

Posted by Matteo Beccati on Jul 08

========================================================================
Revive Adserver Security Advisory REVIVE-SA-2026-003
------------------------------------------------------------------------
https://www.revive-adserver.com/security/revive-sa-2026-003
------------------------------------------------------------------------
Date: 2026-06-25
Risk Level: Medium to High
Applications affected: Revive Adserver
Versions...
  •  

OPNsense XPATH Injection (CVE-2026-53582)

Posted by evan on Jul 06

SUMMARY: a stored XPATH injection allows any user with just ca
manager/certificate manager perms to leak any secret key/any value in
config.xml, thus achieving privilege escalation and potentially remote
code execution. this can also likely be chained via csrf and some
clever hiding. see
https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r

== VULN ==
the primary vulnerable sink is here:

$refcount =...
  •  

SCHUTZWERK-SA-2025-001: Authentication Bypass for SafeLine SL6 and SL6+

Posted by Jan HΓΌber via Fulldisclosure on Jul 06

Authentication Bypass for SafeLine SL6 and SL6+
===============================================

The SafeLine SL6 and SL6+ devices integrated into elevator emergency
intercom systems are
vulnerable to an authentication bypass. This vulnerability allows
attackers to bypass
authentication requirements and access the device's configuration
service via the
Bluetooth Low Energy (BLE) interface. Consequently, an attacker within
wireless range...
  •  
❌