90 matches found

EUVD
added 2026/04/06 2:36 p.m. | 2 views

EUVD-2026-19248

GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, an unauthenticated time-based blind SQL injection exists in GLPI's Search engine. This vulnerability is fixed in 11.0.6...

CVSS 8.1 | AI score 5.9 | EPSS 0.00041
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/11 3:27 p.m. | 0 views

CVE-2026-22248 GLPI affected by Remote Code Execution via malicious upload

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...

CVSS 8 | AI score 5.9 | EPSS 0.00263
Exploits: 0 | References: 1

Cvelist
added 2026/03/11 3:27 p.m. | 23 views

CVE-2026-22248 GLPI affected by Remote Code Execution via malicious upload

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...

CVSS 8 | EPSS 0.00263
Exploits: 0 | References: 1

RedhatCVE
added 2026/02/26 10:14 a.m. | 4 views

CVE-2025-0976

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager. This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00...

CVSS 7.5 | AI score 5.3 | EPSS 0.00039
Exploits: 0 | References: 1

NVD
added 2026/02/25 5:17 a.m. | 2 views

CVE-2025-0976

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager. This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00...

CVSS 7.5 | EPSS 0.00039
Exploits: 0 | References: 1

Tenable Nessus
added 2026/02/13 12:0 a.m. | 9 views

Tenable Nessus Agent < 11.0.4 / 11.1.x < 11.1.2 DoS (TNS-2026-05)

According to its self-reported version, the Tenable Nessus Agent running on the remote host is prior to 11.0.4 or 11.1.x prior to 11.1.2. It is, therefore, affected by a vulnerability as referenced in the TNS-2026-05 advisory. - A vulnerability has been identified where weak file permissions in t...

CVSS 6.9 | AI score 5.9 | EPSS 0.00013
Exploits: 0 | References: 3

Tenable Product Security Advisories
added 2026/02/12 3:40 p.m. | 5 views

[R1] Nessus Agent Versions 11.0.4 and 11.1.2 Fix One Vulnerability

R1 Nessus Agent Versions 11.0.4 and 11.1.2 Fix One Vulnerability. Arnie Cabral, Thu, 02/12/2026 - 10:40. A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attack...

AI score 5.4
Exploits: 0

UbuntuCve
added 2026/02/04 6:16 p.m. | 3 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 6.5 | AI score 5.8 | EPSS 0.00144
Exploits: 0 | References: 4

OSV
added 2026/02/04 5:15 p.m. | 3 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.5 | EPSS 0.00144
Exploits: 0 | References: 5

Vulnrichment
added 2026/02/04 5:15 p.m. | 3 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00144
Exploits: 0 | References: 3

ATTACKERKB
added 2026/02/04 5:15 p.m. | 2 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00144
Exploits: 0 | References: 4 | Affected Software: 1

CVE
added 2026/02/04 5:10 p.m. | 10 views

CVE-2026-22247

CVE-2026-22247 affects GLPI (versions 11.0.0 through

CVSS 9.1 | AI score 5.3 | EPSS 0.00016
Exploits: 0 | References: 2 | Affected Software: 1

ATTACKERKB
added 2026/02/04 5:10 p.m. | 4 views

CVE-2026-22247

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...

CVSS 4.1 | AI score 5.3 | EPSS 0.00016
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/02/04 12:0 a.m. | 1 view

PT-2026-6181

Name of the Vulnerable Software and Affected Versions: GLPI versions 0.71 through 10.0.22; GLPI versions 0.71 through 11.0.4. Description: GLPI is an asset and IT management software package. When remote authentication is used with Single Sign-On (SSO) variables, a user can potentially gain access to...

CVSS 6.5 | AI score 5.5 | EPSS 0.00144
Exploits: 0 | References: 7

RedhatCVE
added 2026/01/07 9:18 a.m. | 14 views

CVE-2025-1531

Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint. This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00...

CVSS 6.5 | AI score 7 | EPSS 0.00144
Exploits: 0 | References: 1

Cvelist
added 2025/12/17 12:7 p.m. | 22 views

CVE-2025-62190 CSRF Allows Call Initiation and Message Delivery

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 and Mattermost Calls versions =1.10.0 fail to implement CSRF protection on the Calls widget page which allows an authenticated attacker to initiate calls and inject messages into channels or direct messages via a malicious...

CVSS 4.3 | EPSS 0.00015
Exploits: 0 | References: 1

EUVD
added 2025/12/17 12:7 p.m. | 2 views

EUVD-2025-203892

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 and Mattermost Calls versions =1.10.0 fail to implement CSRF protection on the Calls widget page which allows an authenticated attacker to initiate calls and inject messages into channels or direct messages via a malicious...

CVSS 4.3 | AI score 6.2 | EPSS 0.00015
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-0421

Malware in sbrugna...

CVSS 5.4 | AI score 5.3 | EPSS 0.01707
Exploits: 4 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-15416

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.6 | EPSS 0.00168
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-12327

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 6.6 | EPSS 0.00266
Exploits: 0 | References: 2