CVE-2026-39980

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform...

CVE-2026-39980 OpenCTI affected by RCE via notifier template

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform...

WordPress WP Visitor Statistics (Real Time Traffic) Plugin <= 6.9.4 is vulnerable to Sensitive Data Exposure

Software WP Visitor Statistics Real Time Traffic Type Plugin Vulnerable versions = 6.9.4 Fixed in 6.9.5 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-24867 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID...

SUSE CVE-2016-10052

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

WordPress WPCargo Track & Trace plugin <= 6.9.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Raul in WordPress WPCargo Track & Trace plugin versions = 6.9.4. Solution Update the WordPress WPCargo Track & Trace plugin to the latest available version at least 6.9.5...

CVE-2021-29141

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...

CVE-2021-29140

A remote XML external entity XXE vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...

CVE-2021-29144

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...

CVE-2021-26683

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying...

Cross site scripting

A remote unauthenticated stored cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a...

Aruba ClearPass Policy Manager 安全漏洞

Aruba ClearPass Policy Manager is a network access control NAC solution. An elevation of privilege vulnerability exists in ClearPass OnGuard prior to Aruba ClearPass Policy Manager versions 6.9.5, 6.8.8-HF1, and 6.7.14-HF1, which can be exploited by a locally authenticated user on Windows platfor...

CVE-2020-26159 affecting package oniguruma 6.9.5-2

CVE-2020-26159 affecting package oniguruma 6.9.5-2. A patched version of the package is available...

PT-2020-16316 · Oniguruma +1 · Oniguruma +1

Name of the Vulnerable Software and Affected Versions: Oniguruma version 6.9.5 rev1 Description: An issue exists where an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat opt exact str in src/regcomp.c. Recommendations: For...

CVE-2016-5010

coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TIFF file...

CVE-2016-10052

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

UBUNTU-CVE-2016-10056

Buffer overflow in the sixeldecode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

DEBIAN-CVE-2016-10056

Buffer overflow in the sixeldecode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

Buffer overflow

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

CVE-2016-10053

The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted file...

ImageMagick Buffer Overflow Vulnerability (CNVD-2017-03038)

ImageMagick is an open source image viewing and editing tool for Unix/Linux platforms. A buffer overflow vulnerability exists in the coders/tiff.c implementation in versions of ImageMagick prior to 6.9.5-1. It is possible for a remote attacker to exploit this vulnerability to cause a denial of...