BIT-PARSE-2026-32886 Parse Server's Cloud function dispatch crashes server via prototype chain traversal

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.47, remote clients can crash the Parse Server process by calling a cloud function endpoint with a crafted function name that traverses the JavaScript prototype chain of a...

EUVD-2026-0864

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

CVE-2024-30451

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in INFINITUM FORM Geo Controller allows Stored XSS.This issue affects Geo Controller: from n/a through 8.6.4...

EasyVirt DC Scope和EasyVirt CO2 Scope SQL注入漏洞

EasyVirt DC Scope and EasyVirt CO2 Scope are both products of EasyVirt France.EasyVirt DC Scope is a monitoring and management solution for VMware Virtualization VMware.EasyVirt CO2 Scope is a real-time monitoring and control solution of CO2 emissions of IT services, virtual machines and servers ...

Infoblox NIOS 访问控制错误漏洞

Infoblox NIOS is a system for managing and automating network devices and services from Infoblox, Inc. It is used to automate the configuration and management of networks and to ensure stable network operation. A security vulnerability exists in Infoblox NIOS version 8.6.4 and prior versions, whi...

Infoblox NIOS 安全漏洞

Infoblox NIOS is a system for managing and automating network devices and services from the US company Infoblox. It is used to automate the configuration and management of networks and to ensure stable network operation. A security vulnerability exists in Infoblox NIOS version 8.6.4 and prior...

Infoblox NIOS 输入验证错误漏洞

Infoblox NIOS is a system for managing and automating network devices and services from Infoblox, Inc. It is used to automate the configuration and management of networks and to ensure stable network operation. A security vulnerability exists in Infoblox NIOS version 8.6.4 and earlier and version...

PT-2024-23272 · Unknown · Infinitum Form Geo Controller

Name of the Vulnerable Software and Affected Versions: INFINITUM FORM Geo Controller versions n/a through 8.6.4 Description: The issue is related to Deserialization of Untrusted Data, which affects the Geo Controller. Recommendations: For versions n/a through 8.6.4, at the moment, there is no...

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...