Linux Distros Unpatched Vulnerability : CVE-2026-35235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable...

EUVD-2026-24439

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

EUVD-2025-208903

The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack...

EUVD-2026-4743

QGIS is a free, open source, cross platform geographical information system GIS The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...

CVE-2026-24480

CVE-2026-24480 affects QGIS’ GitHub Actions workflow named “pre-commit checks.” Before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, the workflow used pull_request_target and checked out/executed untrusted PR code in a privileged context, allowing potential remote code execution and repository...

PT-2026-4840

Name of the Vulnerable Software and Affected Versions QGIS versions prior to commit 76a693cd91650f9b4e83edac525e5e4f90d954e9 Description The QGIS repository contained a GitHub Actions workflow named "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was susceptible ...

Basarsoft Netigma 跨站脚本漏洞

Basarsoft Netigma is a Geographic Information System GIS from Basarsoft Turkey. A cross-site scripting vulnerability exists in Basarsoft Netigma versions 6.3.3 through 6.3.5 prior to V8, which stems from improper input neutralization during web page generation and could lead to a stored cross-sit...

Linux Distros Unpatched Vulnerability : CVE-2018-2573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: GIS. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and...

Linux Distros Unpatched Vulnerability : CVE-2023-21887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable...

Linux Distros Unpatched Vulnerability : CVE-2021-2417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.25 and prior. Easily exploitable...

[SECURITY] Fedora 41 Update: qgis-3.40.5-2.fc41

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...

[SECURITY] Fedora 42 Update: qgis-3.42.1-2.fc42

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...

Number withdrawn

Esri ArcGIS Enterprise is a GIS Geographic Information System based software system from Environmental Systems Research Institute Esri, Inc. The system supports mapping and visualization, analysis, and data management. This CVE number has been withdrawn...

geographic-information-system.cioreview.com Cross Site Scripting vulnerability OBB-3854019

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Geomatika IsiGeo Web SQL注入漏洞

Geomatika IsiGeo Web is Geomatika's geographic information system GIS software for the collection, management, analysis, and visualization of geospatial data. A security vulnerability exists in Geomatika IsiGeo Web version 6.0, which originates from a vulnerability that allows an authenticated...

Precisely Spectrum Spatial Analyst 路径遍历漏洞

Precisely Spectrum Spatial Analyst is a Geographic Information System GIS solution from Precisely, Inc. A security vulnerability exists in Precisely Spectrum Spatial Analyst version 20.01 that stems from vulnerability to directory traversal attacks...

Precisely Spectrum Spatial Analyst 代码问题漏洞

Precisely Spectrum Spatial Analyst is a Geographic Information System GIS solution from Precisely, Inc. A security vulnerability exists in Precisely Spectrum Spatial Analyst version 20.01 that stems from vulnerability to directory traversal attacks...

mysql: Server: GIS unspecified vulnerability (CPU Jan 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

SUSE CVE-2014-8959

Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...

SUSE CVE-2018-2573

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: GIS. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...