8 matches found
DoS (Denial of Service) axios Dependency in Bamboo Data Center
This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-1190 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
CVE-2025-53105
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change th...
CVE-2025-53105
Technical details beyond what is in the initial document are not publicly available in the provided materials. Monitor for updates on affected versions (10.0.0–10.0.18) and patch 10.0.19.
OESA-2025-1416 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0...
PT-2024-8753 · Mendix · Mendix Encryption
Name of the Vulnerable Software and Affected Versions: Mendix Encryption versions 10.0.0 through 10.0.1 Description: A vulnerability has been identified in the Mendix Encryption module, where affected versions define a specific hard-coded default value for the EncryptionKey constant. This default...
TYPO3 Elevation of Privilege Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 versions 9.0.0 through 9.5.19 and 10.0.0 through 10.4.5. An attacker can exploit the vulnerability to elevate privileges...
Cybozu Office Information Disclosure Vulnerability (CNVD-2018-15524)
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A security vulnerability exists in Cybozu Office versions 10.0.0 through 10.7.0. A remote attacker can exploit the vulnerability to display an image located on an external server...