CVE-2026-31721 affecting package kernel for versions less than 6.6.137.1-2

CVE-2026-31721 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2026-31615 affecting package kernel for versions less than 6.6.137.1-1

CVE-2026-31615 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-24713

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

CVE-2025-14480

CVE-2025-14480 affects IBM Aspera faspio Gateway 1.3.6. The Red Hat/NVD entries and IBM security bulletin describe use of weaker than expected cryptographic algorithms (CWE-327), which could allow an attacker to decrypt highly sensitive information. The vulnerability is associated with 1.3.6 and ...

CVE-2026-26050

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

RICOH ジョブログ集計/分析ソフトウェア 代码问题漏洞

RICOH Job Log Aggregation/Analysis Software is a tool developed by the Japanese RICOH company for aggregating job logs. Versions of RICOH Job Log Aggregation/Analysis Software prior to version 1.3.7 contained code vulnerabilities. These vulnerabilities were caused by issues with the DLL search...

Vivotek IP7137 操作系统命令注入漏洞

The Vivotek IP7137 is an IP camera from China's Vivotek Communications Vivotek. An operating system command injection vulnerability exists in the Vivotek IP7137 version 0200a, which stems from improper cleanup of the parameter systemntpIt, and could lead to a command injection attack...

CVE-2012-10055 ComSndFTP v1.3.7 Beta USER Format String RCE

ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory specifically WSACleanup from Ws232.dll...

CVE-2024-38731

Cross-Site Request Forgery CSRF vulnerability in Marsian i-amaze allows Cross Site Request Forgery.This issue affects i-amaze: from n/a through 1.3.7...

Malicious code in aws-sdk-js-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e64c49f08b91cb456113ae44bbd8efc8280a1c79aa45ca1bd0f019c4af6ad873 The OpenSSF Package Analysis project identified 'aws-sdk-js-v3' @ 1.3.7 npm as malicious. It is considered malicious because: - The package...

CVE-2022-38368

An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands...