com.aconex.scrutineer:scrutineer (>=6.8.13-1 <=7.9.3), com.bbossgroups.plugins:bboss-elasticsearch (>=5.0.3.7.4 <=6.2.0) +21 more potentially affected by CVE-2025-68390 via org.elasticsearch.plugin:x-pack-core (>=6.8.11 <=7.9.3)

org.elasticsearch.plugin:x-pack-core MAVEN version =6.8.11, =6.8.13-1, =5.0.3.7.4, =5.0.3.6, =5.1.1, =5.1.1, =0.3.11, =0.3.11, =2.0.0, =3.3.0, =6.2.2.0, =1.0, =1.2.0, =1.6.1 and more Source cves: CVE-2025-68390 Source advisory: OSV:GHSA-GPHJ-4H6P-37XQ...

ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +1836 more potentially affected by CVE-2020-7019 via org.elasticsearch:elasticsearch (>=0.6.0 <=6.8.11)

org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.2.1 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-starter =5.2.0 and more Source cves: CVE-2020-7019 Source advisory: OSV:GHSA-C77J-P484-H84M...

CVE-2020-7017

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...

Synology Photo Station SQL Injection Vulnerability (CNVD-2017-27712)

Synology Photo Station is a solution for sharing pictures, videos and blogs over the Internet from Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in the synophotocsPhotoDB.php file in Synology Photo Station versions prior to 6.8.11-3489 and prior to 6.3-2977. The vulnerabili...

Synology Photo Station Path Traversal Vulnerability

Synology Photo Station is a solution for sharing pictures, videos and blogs over the Internet from Synology Inc. of Taiwan, China. A path traversal vulnerability exists in SYNO.PhotoStation.File in Synology Photo Station versions prior to 6.8.11-3489 and prior to 6.3-2977. A remote attacker can...

CVE-2019-11822

Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter...

PT-2019-12509 · Synology · Synology Photo Station

Name of the Vulnerable Software and Affected Versions: Synology Photo Station versions prior to 6.8.11-3489 Synology Photo Station versions prior to 6.3-2977 Description: The issue allows remote attackers to upload arbitrary files via the uploadphoto parameter, due to a relative path traversal...

PT-2019-12508 · Synology · Synology Photo Station

Name of the Vulnerable Software and Affected Versions: Synology Photo Station versions prior to 6.8.11-3489 Synology Photo Station versions prior to 6.3-2977 Description: The issue allows remote attackers to execute arbitrary SQL commands via the type parameter in the synophoto csPhotoDB.php file...