CVE-2025-62607

Nautobot Single Source of Truth (SSoT) before version 3.10.0 exposed an unauthenticated configuration page that lets an attacker view the ServiceNow public instance name (e.g., companyname.service-now.com). The issue is information disclosure of low-value data; no secrets or credentials are expos...

GitLab Enterprise Edition和GitLab Community Edition安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE versions 11.8 through 15.5.7 prior, 15...

Rusici Software SCORM Engine 跨站脚本漏洞

Rusici Software SCORM Engine is an integratable learning standards platform from Rusici Software, USA. It provides a common API for learning applications to properly import, launch and track standardized e-learning content. A security vulnerability exists in Rusici Software SCORM Engine versions...

CVE-2020-18468

Cross Site Scripting XSS vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM9.1/index.php/configuration...