CVE-2026-1879

A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the file /ThemeAndWidgets.xhtml of the component Theme Customization. Performing a manipulation of the argument uploadLogo results in unrestricted upload. Remote exploitation of the...

CVE-2026-22595 Ghost has Staff Token permission bypass

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. Externa...

EUVD-2024-41609

Malicious code in bioql PyPI...

CVE-2025-5952

A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclos...

CVE-2018-20663

The Reporting Addon aka Reports Addon through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports Reports" name field...

Amazon Linux 2023 : squid (ALAS2023-2025-857)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-857 advisory. Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource...

Squid 3.x < 6.10 / 7.0.0 DoS (SQUID-2024:04)

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

CVE-2024-45802 Squid Denial of Service

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

CVE-2024-45802 Squid Denial of Service

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

RHSA-2021:4702 Red Hat Security Advisory: Satellite 6.10 Release

Bulletin has no description...

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:2268-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2268-1 advisory. - Update to version 6.10 - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086 Tenable has extracted...

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.10 is vulnerable to Broken Access Control

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.10 Fixed in 6.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-33996 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID b4ca9dd06551...

K05345625: Linux kernel vulnerability CVE-2018-10872

Security Advisory Description A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first...

SUSE CVE-2018-10872

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch...

EMC RSA Archer 6.0 < 6.9 SP3 P4 / 6.10 < 6.10 P2 Remote Code Execution

The version of EMC RSA Archer running on the remote web server is 6.x prior to 6.9.3.4 6.9 SP3 P4, 6.10.x prior to 6.10.0.2 6.10 P2. It is, therefore, affected by a remote code execution vulnerability due to unrestricted upload of a file with a dangerous type. A remote, authenticated malicious us...

CVE-2022-43538

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complet...

Aruba Networks ClearPass Policy Manager SQL注入漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could exploit this vulnerability to perform a SQL injection attac...

Aruba Networks ClearPass 安全漏洞

Aruba Networks ClearPass is an access management system from Aruba Networks, Inc. that integrates network control, application and device management capabilities. A security vulnerability exists in Aruba Networks ClearPass. An attacker could exploit the vulnerability to elevate user privileges to...

Aruba Networks ClearPass Policy Manager 操作系统命令注入漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. An operating system command injection vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could use this vulnerability to run...

CVE-2022-37453

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types...