37 matches found
EUVD-2026-36068
Silverpeas through 6.4.6 mishandles the "Personal space" feature that is selected when no componentId is set...
EUVD-2026-24960
A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input...
CVE-2026-30139
A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input...
PT-2026-34456
A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input...
EUVD-2021-28172
Malicious code in bioql PyPI...
CVE-2022-45857
An incorrect user management vulnerability (CWE-286) in the FortiManager version 6.4.6 and below VDOM creation component may allow an attacker to access a FortiGate without a password via newly created VDOMs after the superadmin account is deleted...
CVE-2021-36192
An exposure of sensitive information to an unauthorized actor (CWE-200) vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS...
CVE-2024-50318
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service...
CVE-2024-50321
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service...
CVE-2024-50317
A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service...
PT-2024-34144 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.6 Description: The issue is an out-of-bounds read vulnerability that allows a remote unauthenticated attacker to leak sensitive information in memory. Recommendations: For versions prior to 6.4.6, update...
Ivanti Avalanche Security Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability previously existed in Ivanti Avalanche version 6.4.6, which stemmed from the inclusion of ...
PT-2024-8639 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.6 Description: The issue is related to an infinite loop in Ivanti Avalanche, which can be exploited by a remote unauthenticated attacker to cause a denial of service. This is due to a condition where the...
PT-2024-8642 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.6 Description: The issue is related to an infinite loop in Ivanti Avalanche, which can be exploited by a remote unauthenticated attacker to cause a denial of service. This means that the attacker can...
PT-2024-8640 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.6 Description: A null pointer dereference in Ivanti Avalanche allows a remote unauthenticated attacker to cause a denial of service. This issue is related to the system's management of mobile devices and...
RHSA-2016:0124 Red Hat Security Advisory: jboss-ec2-eap security and enhancement update for EAP 6.4.6
Bulletin has no description...
BIT-MONGOOSE-2022-2564 Prototype Pollution in automattic/mongoose
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...
WordPress WP Retina 2x Plugin < 6.4.6 Information Disclosure Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:meowapps:wpretina2x"; ifdescription...
Zabbix Security Vulnerabilities
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix Server that stems from a received session cookie that can be used to access the front-end as a...