16 matches found
EUVD-2025-206097
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...
Esri ArcGIS Server 跨站脚本漏洞
Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A cross-site scripting vulnerability exists in Esri ArcGIS Server version 11.4 and earlier, which stems from a stored cross-site scripting issue that could lead to malicious...
CVE-2025-57878
The CVE-2025-57878 affects Esri Portal for ArcGIS
CVE-2025-40631
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...
CVE-2025-40631
CVE-2025-40631 describes an HTTP Host header injection affecting IceWarp Mail Server, version 11.4.0. By modifying the Host header and delivering a payload, arbitrary JavaScript can be executed on the loaded page when a user interacts with a malicious link (redirect). The vulnerability is tied to...
CVE-2025-40631 HTTP host header injection vulnerability in IceWarp Mail Server
HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...
CVE-2025-40630 Open redirection vulnerability in IceWarp Mail Server
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...
CVE-2025-40630
IceWarp Mail Server ≤11.4.0 suffers an open redirect vulnerability. The issue is triggered by crafting malicious URLs that redirect users to arbitrary external domains (examples show vulnerable URL formats). Root cause is improper handling of target URLs leading to redirects. Affected product/ver...
IBM Security Guardium 安全漏洞
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An authentication error vulnerability exists in IBM Securit...
PT-2023-4436 · Jt Open +1 · Jt Open +1
Name of the Vulnerable Software and Affected Versions: JT Open versions prior to V11.4 JT Utilities versions prior to V13.4 Description: A vulnerability has been identified in the affected applications, which contain an out of bounds read past the end of an allocated structure while parsing...
CVE-2023-37613
A cross-site scripting XSS vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter...
SUSE CVE-2019-2987
Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...
UBUNTU-CVE-2019-2894
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Intel Saffron admin application elevation of privilege vulnerability
Intel Saffron admin application is a Saffron management application from Intel Corporation USA. A security vulnerability exists in Intel Saffron admin application versions prior to 11.4. An attacker can exploit the vulnerability to elevate privileges and access unauthorized information...
Micro Focus Solutions Business Manager Cross-Site Scripting Vulnerability
Micro Focus Solutions Business Manager SBM is a suite of business process automation management solutions from Micro Focus UK. The solution is primarily used for process automation, including software development lifecycle and IT business process management. A cross-site scripting vulnerability...
Micro Focus Solutions Business Manager Information Disclosure Vulnerability
Micro Focus Solutions Business Manager SBM is a suite of business process automation management solutions from Micro Focus UK. The solution is primarily used for process automation, including software development lifecycle and IT business process management. A security vulnerability exists in Mic...