17 matches found
Fortinet FortiSIEM Cross-Site Scripting Vulnerability
Fortinet FortiSIEM is a security information and event management system developed by the American company Fortinet. This system includes features such as asset discovery, workflow automation, and unified management. Versions of Fortinet FortiSIEM ranging from 7.3.0 to 7.3.4 contain a cross-site...
MiracleLinux 8 : php:7.4 (AXSA:2022-3573:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3573:01 advisory. php: Local privilege escalation via PHP-FPM (CVE-2021-21703); php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705). Tenable has extracted the preceding...
CVE-2025-48397
The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch latest version of Eaton BLSS 7.3.0.SCP004...
PT-2025-43827
Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ChatBot: from n/a through <= 7.3.0...
EUVD-2025-24462
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute...
PT-2025-4861 · IBM · IBM Tivoli Application Dependency Discovery Manager
Name of the Vulnerable Software and Affected Versions: IBM Tivoli Application Dependency Discovery Manager versions 7.3.0.0 through 7.3.0.11 Description: This issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and...
WordPress FloristPress plugin <= 7.3.0 - Nonce Leakage to Broken Access Control vulnerability
Nonce Leakage to Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin FloristPress versions <= 7.3.0...
CVE-2023-37734
EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow...
Liferay Portal and Liferay DXP Cross-Site Scripting Vulnerability
Liferay Portal and Liferay DXP are both products of Liferay Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB and JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
SAP NetWeaver Cross-Site Scripting Vulnerability
SAP NetWeaver is a set of integrated service-oriented application platforms from SAP, a German company. SAP NetWeaver is vulnerable to a cross-site scripting vulnerability in versions 700, 701, 702, and 730, which stems from insufficient encoding of user-controlled input. The vulnerability could be exploited ...
IBM QRadar SIEM Operating System Command Injection Vulnerability
IBM QRadar SIEM is a solution from the U.S. company IBM that uses security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...
Eclipse Che Cross-Site Request Forgery Vulnerability
Eclipse Che is the Eclipse Foundation's Java-based open source online integrated development environment (IDE). A cross-site request forgery vulnerability exists in Eclipse Che versions 6.16 through 7.3.0. The vulnerability stems from a web application that does not adequately validate that ...
IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2019-41416)
IBM QRadar SIEM is a solution from the U.S. company IBM that uses security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A cross-site...
IBM QRadar SIEM Authorization Issues Vulnerability
IBM QRadar SIEM is a solution from the U.S. company IBM that uses security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An authorization...
CVE-2017-13652
NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...
Cisco TelePresence Collaboration Desk and Room Endpoints TC Software Open Redirect Vulnerability
Cisco TelePresence is a telepresence conferencing solution developed by Cisco. An open redirection vulnerability exists in the login page of Cisco TC Software versions prior to 6.3-26 and prior to 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints appliances, which could allow an...
2022-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 (KB5015730)
2022-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 KB5015730...