Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3687Cross-site scripting vulnerability in E-mail CWE-79 - CVE-2026-20711 CyVDB-3689Cross-site scripting vulnerability in Message CWE-79 - CVE-2026-22881 CyVDB-3995Improper input verification in...

EUVD-2018-14246

Malware in sbrugna...

EUVD-2024-47344

Malicious code in bioql PyPI...

CVE-2024-46666

An allocation of resources without limits or throttling CWE-770 vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests...

PT-2025-2746 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4 through 7.6.0 Description: An allocation of resources without limits or throttling vulnerability may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests directed at specific...

Le-yan Personnel and Salary Management System 信任管理问题漏洞

Le-yan Personnel and Salary Management System is a personnel and salary management system from Le-yan, a Chinese company. A security vulnerability exists in the Le-yan Personnel and Salary Management System, which originates from having hard-coded database accounts and passwords in the site sourc...

CVE-2022-1728

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications...

PT-2021-14514 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 740 through 755 Description: The issue allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which has a high impact on the...

Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully

If you are in Kazakhstan and unable to access the Internet service without installing a certificate, you're not alone. The Kazakhstan government has once again issued an advisory to all major local Internet Service Providers ISPs asking them to make it mandatory for all their customers to install...

CVE-2019-0241

SAP Work and Inventory Manager AgentrySDK , before 7.0, 7.1 allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2018-19495)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. A securi...

CVE-2018-2391

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service...

Error: "One or more issues were detected with your licensing configuration" during XenApp/XenDesktop upgrade to 7.16

When upgrading a Delivery Controller to version 7.16, a Citrix licensing error message might appear "One or more issues were detected with your licensing configuration. If unresolved, such issues will affect users' ability to access applications and desktops after the site upgrade"...

IBM Distributed Marketing Input Validation Vulnerability

IBM Distributed Marketing is an omni-channel marketing solution from IBM USA. The solution is used to create, monitor and measure field marketing programs. An input validation vulnerability exists in IBM Distributed Marketing. An attacker could exploit the vulnerability to create instances, causi...

Moderate: Red Hat Security Advisory: device-mapper-multipath security update

Updated device-mapper-multipath packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The device-mapper multipath packages provide tools to manage multipath...

Linux Kernel 'atm module' Local Denial of Service

net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service kernel infinite loop by making two calls to svclisten for the same socket, and then reading a /proc/net/atm/vc file, related to corruption of the vcc table...

Livingston PortMaster ComOS Malformed Packet Remote DoS

It was possible to crash the remote Livingston portmaster by overflowing its buffers by sending several times the two chars : 0xFF 0xF3 An attacker may use this flaw to prevent you to use your internet access. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10182;...