10 matches found
Parse Server 信息泄露漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. Versions of Parse Server prior to 9.6.0-alpha.9 and 8.6.35 contained a vulnerability related to information leakage. This vulnerability stemmed from the ability of...
CVE-2025-64192
Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through 9.6...
EUVD-2025-204087
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...
PT-2024-5283 · Siemens · Siprotec 5
Name of the Vulnerable Software and Affected Versions: SIPROTEC 5 6MD84 CP300 versions prior to V9.64 SIPROTEC 5 6MD85 CP200 versions prior to V9.64 SIPROTEC 5 6MD85 CP300 versions prior to V9.64 SIPROTEC 5 6MD86 CP200 versions prior to V9.64 SIPROTEC 5 6MD86 CP300 versions prior to V9.64 SIPROTE...
Hitachi Energy Asset Suite 安全漏洞
Hitachi Energy Asset Suite is a powerful suite from Hitachi, Japan. standardizes and streamlines enterprise asset management workflows to maximize employee productivity and improve asset performance. A security vulnerability exists in Hitachi Energy Asset Suite versions prior to 9.6.3.13 and prio...
OESA-2024-1065 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...
AZL-43951 CVE-2023-48795 affecting package podman 4.1.1-26
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...
ALPINE-CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...
PT-2022-24550
Name of the Vulnerable Software and Affected Versions: Click Studios Passwordstate versions prior to 9.6 build 9653 Click Studios Passwordstate Browser Extension Chrome versions prior to 9.6 build 9653 Description: A critical vulnerability was found in Click Studios Passwordstate and Passwordstat...
CVE-2020-8574
Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation JMX RMI service enabled allowing unauthorized code execution to local users...