CVE-2026-24511

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sensitive information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information...

EUVD-2025-31094

Malicious code in bioql PyPI...

CVE-2025-36601

Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2025-36601

Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2023-25940

Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isigatherinfo. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees...

CVE-2023-25940

Dell PowerScale OneFS 9.5.0.0 has an improper link resolution before file access in isi_gather_info, enabling a high-privilege local attacker to potentially take over the system and break compliance mode guarantees. Affected component: isi_gather_info in PowerScale OneFS; root cause: incorrect li...

PT-2023-20373 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS version 9.5.0.0 Description: The issue is related to improper link resolution before file access in the isi gather info function. A local attacker, potentially with low privileges, could exploit this, leading to system...

CVE-2021-4266

A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible t...

Cross site scripting

A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible t...

CVE-2017-1445

IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...

CVE-2017-1445

IBM Emptoris Spend Analysis 9.5.0.0–10.1.1 is vulnerable to cross-site scripting in the Web UI, allowing arbitrary JavaScript execution that could disclose credentials within a trusted session. The IBM bulletin lists fixes across versions (e.g., 9.5.x through 10.1.x) and recommends applying the a...