313 matches found
CVE-2025-49175 affecting package xorg-x11-server for versions less than 1.20.10-16
A patched version of the package is available...
CVE-2025-37107
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18...
CVE-2024-51770
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17...
Oracle MySQL Server 8.0.0 - 8.0.25 Security Update (cpujul2025) - Windows
Oracle MySQL Server is prone to a denial of service (DoS) vulnerability...
UBUNTU-CVE-2025-7259
An authorized user can issue queries with duplicate _id fields, which leads to unexpected behavior in MongoDB Server and may result in a crash. This issue can only be triggered by authorized users and causes a denial of service. This issue affects MongoDB Server v8.1 version 8.1.0...
CVE-2025-52559
Zulip is an open-source team chat application. From versions 2.0.0-rc1 to before 10.4 in Zulip Server, the /digest/ URL of a server shows a preview of what the email weekly digest would contain. This URL, though not the digest itself, contains a cross-site scripting (XSS) vulnerability in both topi...
PT-2025-27675 · Unknown · Zulip Server
Name of the Vulnerable Software and Affected Versions: Zulip Server versions 2.0.0-rc1 through 10.3 Description: The issue concerns a cross-site scripting (XSS) vulnerability in Zulip Server, specifically affecting the "/digest/" URL, which displays a preview of the email weekly digest. This...
BIT-MARIADB-MIN-2022-27382
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order...
CVE-2025-5549
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...
ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +43 more potentially affected by CVE-2025-41235 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.2)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41235 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-10265481...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +64 more potentially affected by CVE-2025-41235 via org.springframework.cloud:spring-cloud-gateway-server (>=4.1.0 <=4.1.7)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.1.0, =0.2.0, =1.0.0, =1.0.0, =2024.1.0.0, =3.0.0.1, =15.0-RELEASE, =1.1.0, =4.2.3, =1.3.0, =0.10.2, =1.5.1, =1.6.0 and more Source cves: CVE-2025-41235 Source advisory: OSV:GHSA-6J2Q-C73V-97C5...
CVE-2023-32677
Zulip is an open-source team collaboration tool with unique topic-based threading. Zulip administrators can configure Zulip to limit who can add users to streams, and separately to limit who can invite users to the organization. In Zulip Server 6.1 and below, the UI which allows a user to invite ...
CVE-2023-47585
Out-of-bounds read vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed...
CVE-2022-46785
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2)...
CVE-2022-29524
Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted image file...
CVE-2020-7203
A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution...
CVE-2020-15573
SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421...
CVE-2025-40630
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example "https://icewarp.domain.com///%2e%2e". This...
PT-2025-20034 · Unknown · Boinc Server
Name of the Vulnerable Software and Affected Versions: BOINC Server versions prior to 1.4.3 Description: The issue is related to a Cross-Site Request Forgery (CSRF) problem. This allows for Cross-Site Request Forgery. Recommendations: For versions prior to 1.4.3, update to version 1.4.3 or later to...
Mattermost Server 9.11.x < 9.11.10 / 10.4.x < 10.4.3 / 10.5.x < 10.5.1 / 10.6.0 (MMSA-2024-00401)
The version of Mattermost Server installed on the remote host is prior to 9.11.10, 10.4.3, or 10.5.1 / 10.6.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00401 advisory. - Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict...