6 matches found
Security Bulletin: There is a vulnerability in picomatch-2.3.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-33671)
Summary There is a vulnerability in picomatch-2.3.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regula...
PT-2026-6247
Name of the Vulnerable Software and Affected Versions themelooks Enter Addons versions prior to 2.3.3 Description A Cross-Site Request Forgery CSRF issue exists in themelooks Enter Addons. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The issue...
Deserialization of Untrusted Data
Overview nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the deserialization of untrusted data. An attacker can execute arbitrary code and tamper with data by providing specially crafted input th...
PT-2025-32379
Name of the Vulnerable Software and Affected Versions OpenBao versions 2.3.1 and below Description OpenBao is a software solution for managing, storing, and distributing sensitive data. In affected versions, accounts with access to highly-privileged identity entity systems in root namespaces coul...
PT-2023-7467
Name of the Vulnerable Software and Affected Versions Apache Airflow Drill Provider versions prior to 2.3.2 Description The issue is related to improper input validation in the Apache Airflow Drill Provider. This can allow a remote attacker to impact the confidentiality of protected information...
Improper Input Validation
Overview sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with...