23 matches found
EUVD-2025-38048
Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery. This issue affects Contest Gallery: from n/a through <= 28.0.0...
CVE-2025-62950 WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery. This issue affects Contest Gallery: from n/a through <= 28.0.0...
CVE-2021-35561 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
Mattermost Security Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.7.x through 9.7.5, 9.8.x through 9.8.2, and 9.9.x through 9.9.2, which stems from an inability to properly propagate privilege scheme updates...
Google Android Security Vulnerability
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in Framework in Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1, which can be exploited by an attacker to elevate...
PT-2024-24990 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.5.x through 9.5.7 Mattermost versions 9.9.x through 9.9.1 Mattermost versions 9.10.x through 9.10.0 Description: The issue arises when shared channels are enabled in Mattermost,...
CVE-2024-21876
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability via a URL parameter in Enphase IQ Gateway formerly known as Envoy allows an unauthenticated attacker to access or create arbitrary files. This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
Exploit for Improper Input Validation in Adobe Commerce
CVE-2022-24682 PoC How does this detection method work?...
PT-2023-32093 · Unknown +2 · Otrs Community Edition +2
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.46 OTRS versions 8.0.X through 8.0.36 OTRS Community Edition versions 6.0.X through 6.0.34 Description: An attacker who is logged into OTRS as a user with privileges to create and change customer user data may...
JetBrains TeamCity Security Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build problem analysis reports. A security vulnerability exists in JetBrains TeamCit...
VMware vRealize Orchestrator Code Issue Vulnerability
VMware vRealize Orchestrator is a workflow automation solution from VMware. It is designed to simplify the automation of complex IT tasks. A security vulnerability exists in VMware vRealize Orchestrator that originated when a malicious actor with unmanaged access to vRealize Orchestrator was able...
SUSE CVE-2009-2990
Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors...
SUSE CVE-2015-8080
Integer overflow in the getnum function in luastruct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox...
Veritas NetBackup Security Vulnerability
Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...
CVE-2022-34467
A vulnerability has been identified in Mendix Excel Importer Module Mendix 8 compatible All versions V9.2.2, Mendix Excel Importer Module Mendix 9 compatible All versions V10.1.2. The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the...
PT-2022-3547 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.27 Mendix Applications using Mendix 8 versions prior to 8.18.14 Mendix Applications using Mendix 9 versions prior to 9.12.0 Mendix Applications using Mendix 9 V9.6 versions prior to...
UBUNTU-CVE-2021-22229
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...
Directus Security Vulnerabilities
Directus is a real-time API and application dashboard. It is used to manage SQL database content. A security vulnerability exists in Directus versions 8.x through 8.8.1, which can be exploited by an attacker to switch to the administrator role...
CVE-2017-18812
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS...
CVE-2019-7000
A Cross-Site Scripting XSS vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 8.0.14. Prior versions not listed were not evaluated...