26 matches found
CVE-2026-8646
IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...
CVE-2026-42585
A flaw was found in Netty. This vulnerability allows a remote attacker to perform request smuggling attacks due to incorrect parsing of malformed Transfer-Encoding headers. By exploiting this flaw, an attacker can bypass security controls and potentially access sensitive information or manipulate...
Kanboard SQL Injection Vulnerability
Kanboard is a set of open-source visualization taskboards developed by Kanboard. This software allows for the customization of panels according to business needs. Versions of Kanboard prior to 1.2.51 contained a SQL injection vulnerability. This vulnerability could lead to the exposure of databas...
Cloud Foundry Security Vulnerability
Cloud Foundry is an open-source Platform as a Service (PaaS) cloud computing platform developed by the Cloud Foundry Foundation in the United States. This product offers features such as container scheduling, continuous delivery, and automated service deployment. There is a security vulnerability i...
Media Streaming add-on Buffer Error Vulnerability
The Media Streaming add-on is a supplementary component for media streaming. The Media Streaming add-on has a buffer error vulnerability, which stems from out-of-bounds reading. This vulnerability could allow attackers to obtain sensitive data after gaining access to the local network...
CVE-2025-63662
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information...
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data...
CVE-2025-58585
Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering...
CVE-2023-50301
IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files that could be read by a local user...
The vulnerability of the Dell NetWorker backup and data recovery system lies in the choice of a less secure algorithm during configuration processes, allowing attackers to expose the protected information.
The vulnerability of the Dell NetWorker backup and recovery system lies in the choice of a less secure algorithm during configuration processes. Exploiting this vulnerability could allow an attacker, operating remotely, to expose the protected information...
USN-7559-1 systemd vulnerability
Qualys discovered that systemd incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to expose sensitive information...
CVE-2024-37046
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have already fixed the...
The vulnerability of Adobe After Effects video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...
go-retryablehttp: url might write sensitive information to log file
A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...
CVE-2024-30128
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information...
The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the lack of authentication procedures. This allows attackers to bypass security restrictions and expose sensitive information.
The vulnerability of the Magento Open Source and Adobe Commerce software platforms for developing and managing online stores is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and expose sensitive...
The vulnerability of the ODBC library for UNIX systems, related to the pointer displacement beyond the allocated memory range, allows attackers to access confidential data and also trigger a service failure.
The vulnerability of the ODBC library for UNIX systems is related to the pointer shifting beyond the allocated memory range. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service failures...
CVE-2023-47221
A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version:...
CVE-2023-45868
The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...
PT-2023-8511 · Qnap · Qnap Qts +2
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.5.2645 build 20240116 QNAP QuTS hero versions prior to h5.1.5.2647 build 20240118 QNAP QuTScloud versions prior to c5.1.5.2651 Description: A path traversal vulnerability has been reported to affect several QNAP...