29 matches found
SUSE-SU-2026:21235-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest (bsc#1259079). - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...
OPENSUSE-SU-2026:20567-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest (bsc#1259079). - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...
EUVD-2023-41187
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-37278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator ca...
CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
Zimbra Collaboration Server Access Control Error Vulnerability
Zimbra Collaboration Server (ZCS) is an email and collaboration solution from Zimbra. The solution provides email, contacts, calendar, file sharing, social networking, and other features. A security vulnerability exists in Zimbra Collaboration Server that stems from a logging service that sometimes...
HCL BigFix Platform Cross-Site Scripting Vulnerability
HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL BigFix Platform, which stems from a store...
CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
UBUNTU-CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
PT-2023-8862 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.9 Description: The issue is related to SQL injection via dashboards administration, allowing a remote attacker to execute arbitrary SQL queries. This can be triggered by an administrator. Recommendations: For...
Eclipse Jetty Input Validation Error Vulnerability
Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty that stems from invalid URI parsing that could result in an invalid HttpURI.authority, which affects the following products and releases:...
SonicWall Email Security Appliance Trust Management Issue Vulnerability
Sonicwall SonicWall Email Security Appliance is an email security appliance from SonicWall USA. A vulnerability with trust management issues exists in the SonicWall Email Security Virtual Appliance prior to version 10.0.9. The vulnerability stems from the program containing a default username and...
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
Design/Logic Flaw
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
PT-2021-2764
Name of the Vulnerable Software and Affected Versions: SonicWall Email Security version 10.0.9.x Description: The issue is related to incorrect restriction of a directory path with limited access. This allows a remote attacker to gain unauthorized access to protected information. Specifically, it...
CVE-2021-20022
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...