PT-2026-35943

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter...

EUVD-2025-209591

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter...

CVE-2025-56534

A cross-site scripting XSS vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Oracle Linux 8 : .NET / 10.0 (ELSA-2026-4458)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4458 advisory. 10.0.104-1.0.1 - Add support for Oracle Linux 10.0.104-1 - Update to .NET SDK 10.0.104 and Runtime 10.0.4 - Resolves: RHEL-152949 Tenable has extracted...

Security Bulletin: IBM Transformation Extender Advanced is affected by unsafe Java deserialization.

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is affected by unsafe Java deserialization. Vulnerability Details CVEID:CVE-2023-49886 DESCRIPTION: IBM Standards Processing Engine could allow a remote attacker to execute arbitrary code on the system,...

EUVD-2023-53783

Malicious code in bioql PyPI...

Security Bulletin: IBM Transformation Extender Advanced is could allow user impersonation.

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, could allow an authenticated user to impersonate another user on the system. Vulnerability Details CVEID:CVE-2023-49881 DESCRIPTION: IBM Standards Processing Engine does not invalidate session after logou...

MAL-2025-6937 Malicious code in jenkins-trigger-action (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fedbad1242e09329c414a95c493ce62c39c15cad4472ef5fc4a8b9b836834fb4 The OpenSSF Package Analysis project identified...

CVE-2023-1917

The PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Halliburton LogView Pro Buffer Overflow Vulnerability

Halliburton LogView Pro is a text log viewing software. A buffer overflow vulnerability exists in Halliburton LogView Pro version 10.0.1. An attacker can exploit this vulnerability to cause a denial of service with a specially crafted .tif file...

CVE-2016-4677

An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...

Red Hat Ceph RGW Information Disclosure Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system based on POSIX Portable Operating System Interface without a single point of failure, so that data can be fault-tolerant and seamless replication...

HPE Network Node Manager Authentication Bypass Vulnerability

HP Network Node Manager i-series NNMi software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. An authentication bypass vulnerability exists in HPE Network Node Manager i NNMi versions 9.20, 9.23, 9.24, 9.25, 10.00, 10.01 tha...

HPE Network Node Manager Cross-Site Scripting Vulnerability

HP Network Node Manager i-series NNMi software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. A cross-site scripting vulnerability exists in HPE Network Node Manager i NNMi versions 9.20, 9.23, 9.24, 9.25, 10.00, 10.01, whic...

CVE-2016-2012

HPE Network Node Manager i NNMi 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors...