CVE-2026-41322

@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from astro path with an incorrect/malformed if-match header returns a 500 error with a one year cache lifetime instead of 412 in some cases. This has the effect that all...

CVE-2024-45671 IBM Security Verify Information Queue information disclosure

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-45671

IBM Security Verify Information Queue (ISIQ) versions 10.0.5–10.0.8 use weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The available connected sources confirm this vulnerability exists in ISIQ and note remediation is to upgrade to the latest ...

IBM Security Verify Information Queue 加密问题漏洞

IBM Security Verify Information Queue is an integration product from International Business Machines IBM, Inc. utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A cryptographic issue vulnerability exists in IBM Security Verify Information Que...

Linux Distros Unpatched Vulnerability : CVE-2022-41941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may...

CVE-2025-54044

CVE-2025-54044 is a reflected XSS vulnerability in WordPress Elite Video Player

Malicious code in testing123kk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bebd39f4de86af5e9634fbfda5f8c97794b597b1066c2fcd32e3a2068569280d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2025-30986

Cross-Site Request Forgery CSRF vulnerability in CreativeMedia Elite Video Player elite-video-player allows Cross Site Request Forgery.This issue affects Elite Video Player: from n/a through = 10.0.5...

CVE-2025-30986

Cross-Site Request Forgery CSRF vulnerability in CreativeMedia Elite Video Player elite-video-player allows Cross Site Request Forgery.This issue affects Elite Video Player: from n/a through = 10.0.5...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is used by IBM Rational ClearQuest (CVE-2024-37532)

Summary IBM WebSphere Application Server WAS is used by IBM Rational ClearQuest server and web components. Information about security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

Vulnerabilities fixed in Zimbra Collaboration Suite

Zimbra has fixed vulnerabilities in the Zimbra Collaboration Suite ZCS. A malicious party could exploit the vulnerabilities to execute attacks that could lead to the execution of an Cross-Site Scripting XSS Zimbra has released updates to fix the vulnerabilities in ZCS 10.0.5, 9.0.0 Patch 37 and...

CVE-2023-33834

IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-force ID: 256014...

CVE-2023-33835

IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 256015...

Jetty WEB-INF File Disclosure

Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access protected files in the WEB-INF folder. Versions effected are: 9.4.37.v20210219, 9.4.38.v20210224 and 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5. Exploitation can obtain any file in the WEB-INF folder, bu...

Low: tomcat7

Issue Overview: A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to...

Eclipse Jetty Information Disclosure Vulnerability (GHSA-vjv5-gp2w-65vm) - Linux

Eclipse Jetty is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty"...

Apache Tomcat JNDI Realm Authentication Weakness Vulnerability (Jul 2021) - Linux

Apache Tomcat is prone to an authentication weakness vulnerability in the JNDI Realm. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

VMware Workstation Multiple Vulnerabilities (May 2016) - Windows

VMware Workstation is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:workstation";...

Dell Netvault Backup 10.0.1.24 - Denial of Service

""" Product: Dell Netvault Backup Link: http://software.dell.com/products/netvault-backup/ Vendor: Dell Vulnerable Versions: 10.0.1.24 and probably prior Tested Version: Version 10.0.1.24 Advisory Publication: July 30, 2015 Vendor Notification: January 9, 2015 Public Disclosure: July 30, 2015...

Dell Netvault Backup Integer Overflow Vulnerability

Dell Netvault Backup is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...