CVE-2023-37524

Technical details (affected product/version, root cause, and remediation) are not publicly available in the provided documents. Monitor for updates from official sources regarding CVE-2023-37524.

EUVD-2023-60599

HCL Traveler for Microsoft Outlook HTMO is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...

CVE-2026-56370

An out-of-bounds access vulnerability exists in ImageMagick's ConnectedComponentsImage function. By passing malformed connected-components definitions through the CLI, an attacker can cause a denial of service or potentially execute arbitrary code. Mitigation Prevent the injection of malformed...

CVE-2026-57875

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

Linux Distros Unpatched Vulnerability : CVE-2026-56370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with inval...

CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

CVE-2026-56370

ImageMagick: CVE-2026-56370 is an out-of-bounds access vuln in ConnectedComponentsImage() when handling malformed connected-components artifacts, affecting ImageMagick before version 7.1.2-19. An invalid indices scenario via CLI can trigger access violations, potentially causing denial of service...

EUVD-2026-38756

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

Security Bulletin: Security Vulnerabilities were found in IBM Security Verify Directory (CVE-2018-2799)

Summary Security Vulnerabilities were addressed in IBM Security Verify Directory Vulnerability Details CVEID:CVE-2018-2799 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171,...

DEBIAN-CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

CVE-2026-52725

Angular CVE-2026-52725 concerns an issue in the @angular/core dynamic component creation flow. The vulnerability allows bypassing script-execution restrictions by mounting a dynamic component directly onto a [removed] tag or namespaced script element when a user-controlled host/selector is suppli...

EUVD-2026-38277

IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 through 8.2.1.0 could allow a remote attacker to bypass authentication due to the use of a hardcoded credential in the FlashCopy Manager FCM authentication mechanism. The application contains a...

CVE-2026-33245

A flaw was found in React Router. This vulnerability, a type of Cross-Site Scripting XSS, affects applications utilizing React Router's unstable React Server Components RSC APIs. A remote attacker could exploit this by sending untrusted redirects, leading to the execution of malicious scripts in...

CVE-2026-44914

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

CVE-2026-44914

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

CVE-2026-44914

Apache NiFi versions 1.12.0–2.9.0 are vulnerable to missing authorization when replacing Process Groups that include extension components with the Restricted annotation. The Restricted annotation signals higher privileges, but framework authorization did not enforce restricted status during repla...

CVE-2026-44914 Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

EUVD-2026-38219

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

PT-2026-51387

Name of the Vulnerable Software and Affected Versions Filament versions 4.0.0 through 4.11.4 Filament versions 5.0.0 through 5.6.4 Description The login page contains a timing discrepancy that enables unauthenticated attackers to perform email enumeration. This allows an attacker to determine if ...