CVE-2025-36105

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

CVE-2025-36105

Affected product: IBM Planning Analytics Advanced Certified Containers (versions 3.1.0–3.1.4). Description: local privileged user can obtain sensitive information from environment variables due to cleartext storage in env vars (CWE-526). Impact: information disclosure at a local level. Mitigation...

CVE-2025-36105 IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

CVE-2025-36105 IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

CVE-2025-36105

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

PT-2026-24166

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

IBM Planning Analytics Advanced Certified Containers 安全漏洞

IBM Planning Analytics Advanced Certified Containers is a containerized enterprise planning and analysis software deployment component provided by the American multinational company IBM. Versions 3.1.0 to 3.1.4 of IBM Planning Analytics Advanced Certified Containers contain security...

@openinc/parse-server-opendash (>=3.0.0 <=3.30.0), @servable/parse-server-engine (>=1.6.0 <=1.17.0) +5 more potentially affected by CVE-2026-30850 via parse-server (=8.6.78)

parse-server NPM version =8.6.78 is affected by a known vulnerability. The following packages have a transitive dependency on parse-server and may be impacted: - @openinc/parse-server-opendash =3.0.0, =1.6.0, =1.0.0, =1.0.3, =2.0.0, =2.0.0, =0.0.1, =0.1.0 Source cves: CVE-2026-30850 Source...

Security Bulletin: IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability

Summary A vulnerability was addressed in IBM Planning Analytics Advanced Certified Containers. Vulnerability Details CVEID:CVE-2025-36105 DESCRIPTION: IBM Planning Analytics Advanced Certified Containers could allow a local privileged user to obtain sensitive information from environment variable...

DRUPAL-CONTRIB-2026-024

The Google Analytics GA4 module enables users to add custom attributes to the script tag used to load the Google Analytics library. The module does not sufficiently sanitize these attributes. This vulnerability is mitigated by the fact that an attacker must have a role with the "ga4 configure" or...

PT-2026-23112

Name of the Vulnerable Software and Affected Versions Drupal Google Analytics GA4 versions prior to 1.1.14 Description The Google Analytics GA4 module does not properly sanitize custom attributes added to the script tag used to load the Google Analytics library, leading to a Cross-Site Scripting...

Google Analytics GA4 - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-024

The Google Analytics GA4 module enables users to add custom attributes to the script tag used to load the Google Analytics library. The module does not sufficiently sanitize these attributes. This vulnerability is mitigated by the fact that an attacker must have a role with the "ga4 configure" or...

WordPress Analytics Cat plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Analytics Cat versions = 1.1.2...

Empowering Future Cybersecurity Leaders: Advancing Students through FINDS Education for Digital Forensic Excellence

The Forensics Investigations Network in Digital Sciences FINDS Research Center of Excellence CoE, funded by the U.S. Army Research Laboratory, advances Digital Forensic Engineering Education DFEE through an integrated research education framework for AI enabled cybersecurity workforce development...

CVE-2025-69323

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Reflected XSS.This issue affects Slimstat Analytics: from n/a through = 5.3.2...

CVE-2025-68028

Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through = 2.10.0...

CVE-2025-68032

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through = 3.19.0...

CVE-2025-69323

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Reflected XSS.This issue affects Slimstat Analytics: from n/a through = 5.3.2...

CVE-2025-68032

Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through = 3.19.0...

CVE-2025-68028

Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from n/a through = 2.10.0...