20 matches found
Incorrect Default Permissions
Overview: Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation: Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 10.0.4 or higher. References: - Vulnerability Advis...
CVE-2025-66602
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm. The affected products and versions are ...
PT-2026-7061
Name of the Vulnerable Software and Affected Versions: FAST/TOOLS versions R9.01 through R10.04 Description: The software does not properly validate request headers. An attacker inserting an invalid host header could redirect users to malicious sites. The vulnerable component is susceptible to host...
FRRouting Security Vulnerability
FRRouting is an open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 4.0 through 10.4.1, which stems from a null pointer dereference in the show_vty_ext_link_rmt_itf_addr function, which could lead to a denial o...
SUSE-RU-2023:3956-1 Recommended update for mariadb104
This update for mariadb104 fixes the following issues: - Implement version 10.4 of MariaDB (jsc#PED-2455): It is possible to use more than one authentication plugin for each user account. The root user account is being created with the ability to use two authentication plugins. All user accounts,...
PT-2023-5221 · Ibm · Ibm Security Verify Information Queue
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.4 through 10.0.5 Description: The issue is related to a flaw in the error reporting mechanism of IBM Security Verify Information Queue, which could allow a remote attacker to obtain sensitiv...
IBM Security verify Information Queue Security Vulnerability
IBM Security Verify Information Queue is an integration product from International Business Machines (IBM). It utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A security vulnerability exists in IBM Security Verify Information Queue versions 10.0...
IBM Security Verify Information Queue Security Vulnerability
IBM Security Verify Information Queue is an integration product from International Business Machines (IBM). It utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A security vulnerability exists in IBM Security Verify Information Queue versions 10.0...
UBUNTU-CVE-2022-39277
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. External links are not properly sanitized and can therefore be used for a Cross-Site Scripting (XSS)...
PT-2022-7398 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to the lack of proper sanitization of external links, which can be used for a Cross-Site Scripting (XSS) attack. This allows a remote attacker to exploit the vulnerability...
CVE-2021-27663
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5...
CVE-2020-5986
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...
Veritas Technologies APTARE Information Disclosure Vulnerability
Veritas Technologies APTARE is a suite of predictive analytics software for backup, storage, and virtual infrastructures from Veritas Technologies, USA. The software supports features such as storage management and data center optimization. A security vulnerability exists in Veritas Technologies...
CVE-2020-12875
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application...
Schneider Electric Tricon TCM Model Resource Management Error Vulnerability
Schneider Electric Tricon TCM Model 4351 and others are a communication module from Schneider Electric, France. A security vulnerability exists in the Schneider Electric Tricon TCM Model v10.3.x version and v10.4.x version. An attacker could exploit the vulnerability to reset the TCM module...
CVE-2020-7486
VERSION NOT SUPPORTED WHEN ASSIGNED: A vulnerability could cause TCM modules to reset when under high network load in TCM v10.4.x and in system v10.3.x. This vulnerability was discovered and remediated in version v10.5.x on August 13, 2009. TCMs from v10.5.x and on will no longer exhibit this...
Apple macOS Catalina Mail Component XSS Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the Mail component of Apple macOS Catalina versions prior to 10.15.4. A remote attacker can exploit this vulnerability to execute arbitrary JavaScript code...
ZOHO ManageEngine Password Manager Pro Cross-Site Request Forgery Vulnerability
ZOHO ManageEngine Password Manager Pro is a password manager from ZOHO USA. A cross-site request forgery vulnerability exists in Zoho ManageEngine Password Manager Pro 10.4 and earlier versions, which stems from the program's failure to protect against cross-site request forgery attacks. An...
CVE-2019-4176
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 158881...
PT-2019-16917 · Ibm · Ibm Cognos Controller
Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.2.0 through 10.4.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...