7 matches found
PT-2025-54471
Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server versions prior to 11.4 Description A stored cross-site scripting issue exists in Esri ArcGIS Server. In certain configurations, a remote, unauthenticated attacker can store files containing malicious code that may execute...
PT-2025-46947
Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11 Description Mattermost versions before 11 do not enforce multi-factor authentication on WebSocket connections. This allows unauthenticated users to access sensitive information through WebSocket events...
SUSE-SU-2025:3835-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.29+7 October 2025 CPU: - CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. - CVE-2025-53066: Fixed...
PT-2023-25601
Name of the Vulnerable Software and Affected Versions Digital Ant E-Commerce Software versions prior to 11 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-25606
Name of the Vulnerable Software and Affected Versions Digital Ant E-Commerce Software versions prior to 11 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker c...
PT-2021-21322 · Synel · Synel Reports +1
Name of the Vulnerable Software and Affected Versions: SYNEL eharmonynew versions prior to 11 Synel Reports versions prior to 11 Synel Reports version 8.0.2 Description: The issue allows an attacker to log in to the system with default credentials and export a report of the eharmony system with...
PT-2021-23097 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.0 Description: A cross-site request forgery issue has been discovered in the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface. This issue can be exploited withou...