314 matches found
CPython 安全漏洞
CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the plistlib module reading data without limiting the size, which could lead to out-of-memory and denial-of-service issues with malicious files...
Django 安全漏洞
Django is an open-source web framework based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Django has security vulnerabilities, which stem from SQL injection via the connector, potentially allowing...
CVE-2025-54168
A cross-site scripting XSS vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...
QNAP Notification Center 跨站脚本漏洞
QNAP Notification Center is a system event alert and notification software from Taiwan, China-based QNAP Technology QNAP. A cross-site scripting vulnerability exists in QNAP Notification Center versions 2.1.0.3443, 1.9.2.3163, and 3.0.0.3466, which stems from susceptibility to cross-site scriptin...
CVE-2025-53048
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Rich Text Editor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...
CVE-2025-53034
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...
EUVD-2025-35256
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...
EUVD-2025-35274
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
EUVD-2025-35298
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2025-10641 Unencrypted cleartext communication in EfficientLab WorkExaminer Professional
All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...
Oracle Database Server 安全漏洞
Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Portable Clusterware versions 19.3 through 19.28, 21.3 through...
Oracle Fusion Middleware 安全漏洞
Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, and other capabilities.WebLogic Server is one of the application server components for...
Work Examiner Professional 安全漏洞
Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that originates when traffic between the monitoring client, console, and server is transmitted in clear text, which could allow an attacker ...
Oracle Health Sciences Applications 安全漏洞
Oracle Health Sciences Applications is a suite of clinical development solutions for the healthcare industry from Oracle Corporation. A security vulnerability exists in Oracle Life Sciences InForm version 7.0.1.0 for Oracle Health Sciences Applications, which originates from an HTTP web access...
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62391
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2013-5492
Malware in sbrugna...
EUVD-2019-5271
Malware in sbrugna...
EUVD-2006-4341
Malware in sbrugna...
EUVD-2007-2434
Malware in sbrugna...