28 matches found
Multiple vulnerabilities in Cybozu Garoon
Overview: Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3687: Cross-site scripting vulnerability in E-mail (CWE-79) - CVE-2026-20711. CyVDB-3689: Cross-site scripting vulnerability in Message (CWE-79) - CVE-2026-22881. CyVDB-3995: Improper input verification in...
EUVD-2018-14246
Malware in sbrugna...
EUVD-2024-47344
Malicious code in bioql PyPI...
A vulnerability in the formSetWAN_Wizard51() function (/goform/formSetWAN_Wizard51) of the D-Link DIR-619L router firmware allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability in the formAdvanceSetup function (/goform/formAdvanceSetup) of the D-Link DIR-619L router firmware is caused by copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
CVE-2024-46666
An allocation of resources without limits or throttling (CWE-770) vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests...
PT-2025-2746 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4 through 7.6.0
Description: An allocation of resources without limits or throttling vulnerability may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests directed at specific...
Le-yan Personnel and Salary Management System Trust Management Issue Vulnerability
Le-yan Personnel and Salary Management System is a personnel and salary management system from Le-yan, a Chinese company. A security vulnerability exists in the Le-yan Personnel and Salary Management System, which originates from having hard-coded database accounts and passwords in the site sourc...
CVE-2022-1728
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications...
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) function of the Cisco NX-OS operating system allows an attacker to cause a denial of service.
The vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) function of the Cisco NX-OS operating system is related to missing buffer length checks and reading beyond the memory boundary. Exploiting this vulnerability can allow a malicious actor to cause service...
A vulnerability in the CODESYS Control V2 Linux SysFile software suite for industrial automation systems allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the CODESYS Control V2 Linux SysFile software suite for industrial automation exists because special elements used in operating system commands are not neutralized. Exploiting this vulnerability can allow attackers to compromise the confidentialit...
A vulnerability in the log4net logging library for the .NET Framework, related to improper restriction of XML external entity (XXE) references, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the log4net logging library for the .NET Framework is related to errors involving XML external entity (XXE) references. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
PT-2021-14514 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 740 through 755
Description: The issue allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which has a high impact on the...
Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully
If you are in Kazakhstan and unable to access the Internet service without installing a certificate, you're not alone. The Kazakhstan government has once again issued an advisory to all major local Internet Service Providers (ISPs) asking them to make it mandatory for all their customers to install...
CVE-2019-0241
SAP Work and Inventory Manager (AgentrySDK), before 7.0, 7.1, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...
Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2018-19495)
Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. A securi...
CVE-2018-2391
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service...
Error: "One or more issues were detected with your licensing configuration" during XenApp/XenDesktop upgrade to 7.16
When upgrading a Delivery Controller to version 7.16, a Citrix licensing error message might appear: "One or more issues were detected with your licensing configuration. If unresolved, such issues will affect users' ability to access applications and desktops after the site upgrade"...
IBM Distributed Marketing Input Validation Vulnerability
IBM Distributed Marketing is an omni-channel marketing solution from IBM USA. The solution is used to create, monitor and measure field marketing programs. An input validation vulnerability exists in IBM Distributed Marketing. An attacker could exploit the vulnerability to create instances, causi...
Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and availability of protected information
Multiple vulnerabilities in the linux-headers-2.6.24-etchnhalf.1-all-amd64 package of the Debian GNU/Linux operating system. Exploitation may lead to violations of confidentiality, integrity, and availability of protected information...
A vulnerability in the MySQL database management system allows a malicious actor to cause a denial of service.
A vulnerability in the Oracle MySQL Server database management system allows unauthorized users, after passing authentication, to affect the availability of data by using the InnoDB subcomponent...