66 matches found
CVE-2026-46775
Vulnerability in Oracle REST Data Services component: Core. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle REST Data Services. While the vulnerability is in Oracle REST Data...
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6. A patched version of the package is available...
CVE-2025-8055
Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. This issue affects XM Fax: 24.2...
CVE-2025-8054
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows Path Traversal. The vulnerability could allow an attacker to arbitrarily disclose content of files on the local filesystem. This issue affects XM Fax: 24.2...
CVE-2025-8054 Path Traversal vulnerability has been discovered in OpenText™ XM Fax
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows Path Traversal. The vulnerability could allow an attacker to arbitrarily disclose content of files on the local filesystem. This issue affects XM Fax: 24.2...
CVE-2025-8055 SSRF vulnerability has been discovered in OpenText™ XM Fax
Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. This issue affects XM Fax: 24.2...
PT-2026-20946
Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. This issue affects XM Fax: 24.2...
PT-2026-1512
Name of the Vulnerable Software and Affected Versions: Altera Quartus Prime Pro versions 24.1 through 24.3.1. Description: An uncontrolled search path element issue exists in the Altera Quartus Prime Pro Installer SFX on Windows, allowing for search order hijacking. Recommendations: Versions 24.1...
EUVD-2025-204000
An issue was discovered in DriveLock 24.1 through 24.1., 24.2 before 24.2.8, and 25.1 before 25.1.6. Directories and files created by the agent are created with overly permissive ACLs, allowing local users without administrator rights to trigger actions or destabilize the agent...
CVE-2025-67792
An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate a DriveLock process to execute arbitrary commands on Windows computers...
CVE-2025-50181 affecting package python-pip for versions less than 24.2-5
CVE-2025-50181 affecting package python-pip for versions less than 24.2-5. A patched version of the package is available...
CVE-2025-8869 affecting package python-pip for versions less than 24.2-4
CVE-2025-8869 affecting package python-pip for versions less than 24.2-4. A patched version of the package is available...
CVE-2025-60006
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-60006 Junos OS Evolved: OS command injection vulnerabilities fixed
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
EUVD-2022-15503
Malicious code in bioql PyPI...
EUVD-2025-13929
Malicious code in bioql PyPI...
EUVD-2024-48352
Malicious code in bioql PyPI...
Imprivata Enterprise Access Management authorization issue vulnerability
Imprivata Enterprise Access Management is an identity and access management system from Imprivata Corporation, USA. An authorization issue vulnerability exists in Imprivata Enterprise Access Management versions 5.3 through 24.2, which stems from insufficient handling of keyboard shortcuts and cou...