PT-2026-38801
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client
The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol...
Linux Distros Unpatched Vulnerability : CVE-2025-56588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field paramete...
EUVD-2022-36990
Malicious code in bioql PyPI...
Dolibarr vulnerable to RCE via the computed field parameter
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter...
CVE-2025-56588
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter...
Dolibarr ERP & CRM Security Vulnerability
Dolibarr ERP & CRM is an enterprise management software from Dolibarr Open Source. A security vulnerability exists in Dolibarr ERP & CRM version 21.0.1 due to a remote code execution vulnerability in the computed field parameter of the User module configuration...
CVE-2023-22592
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073...
Security Bulletin: IBM Robotic Process Automation is vulnerable to Clickjacking (CVE-2022-22503)
Summary IBM Robotic Process Automation could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...
CLSA-2024-1734635951 Update of python3
Update version to 3.6.8-21.0.1.tuxcare.els1...
PT-2024-11585 · Ibm · Ibm Robotic Process Automation
Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 21.0.1 through 21.0.3 Description: The issue allows a user with physical access to the system to obtain sensitive information due to insufficiently protected credentials. Recommendations: For versions...
OESA-2024-1685 openjdk-17 security update
The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...
K000138850: OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955
Security Advisory Description CVE-2024-20918 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...
CVE-2023-35899
CVE-2023-35899 affects IBM Cloud Pak for Automation versions 18.0.0 through 22.0.2. The issue is a CSV injection vulnerability caused by improper validation of CSV file contents, enabling a remote attacker to execute arbitrary commands on the system. Affected products/versions (per sources) inclu...
Oracle Java SE Security Update (jan2024) 02 - Linux
Oracle Java SE is prone to multiple vulnerabilities.
KLA63108 Multiple vulnerabilities in Oracle Java SE and GraalVM
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in HTTP/2 protocol can be...
DEBIAN-CVE-2023-49294
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the livedangerously is not enabled. This allows arbitrary fil...
Asterisk Path Traversal Vulnerability
Asterisk is a software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. A path traversal vulnerability exists in Asterisk versions prior to 18.20.1, prior to 20.5.1, and prior to 21.0.1, and in Certified-asterisk versions prior to 18.9-cert6, which stem...
Asterisk Security Vulnerabilities
Asterisk is a software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. A security vulnerability exists in Asterisk versions prior to 18.20.1, prior to 20.5.1, and prior to 21.0.1, and prior to Certified-asterisk 18.9-cert6, which stems from a contentio...
Fedora 39 : java-latest-openjdk (2023-1ad796067e)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1ad796067e advisory. updated to OpenJDK 21.0.1 2023-10-17 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...