17 matches found
PT-2026-37690
Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...
CVE-2025-13774
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...
PT-2026-2444
Name of the Vulnerable Software and Affected Versions: Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1. Description: An SQL injection issue exists in Progress Flowmon ADS that allows authenticated users to execute unintended SQL queries and commands. The issue allows for the execution of...
EUVD-2020-5535
Malware in sbrugna...
PT-2024-32291 · Opendaylight · Opendaylight Md-Sal
Name of the Vulnerable Software and Affected Versions: OpenDaylight Model-Driven Service Abstraction Layer MD-SAL versions through 13.0.1. Description: A controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. Recommendations: For OpenDaylight...
Foxit PhantomPDF Multiple Vulnerabilities (June-2 2024)
Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...
PT-2024-20760 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 8.7.57 ELTS; TYPO3 versions prior to 9.5.46 ELTS; TYPO3 versions prior to 10.4.43 ELTS; TYPO3 versions prior to 11.5.35 LTS; TYPO3 versions prior to 12.4.11 LTS; TYPO3 versions prior to 13.0.1. Description: The plaintext val...
MAL-2023-8692 Malicious code in @dle-multiform-angular-component/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 820657ccb39c885de6a5d6006ee75064ffa46699e8af105375b12a67436649fc The OpenSSF Package Analysis project identified '@dle-multiform-angular-component/core' @ 13.0.1 npm as malicious. It is considered malicious...
SugarCRM 13.0.1 Shell Upload
SugarCRM = 13.0.1 setnoteattachment Unrestricted File Upload Vulnerability - Software Link: https://www.sugarcrm.com - Affected Versions:...
CVE-2023-2069
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables...
CVE-2023-21583 Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Bridge versions 12.0.3 and earlier and 13.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...
GHSA-RPJ2-W6FR-79HC Keycloak vulnerable to Improper Certificate Validation
Keycloak accepts an expired certificate by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity. This issue was partially fixed in version 13.0.1 and more completely fixed in version 14.0.0...
GitLab 12.10.x - 12.10.6, 13.0.0 XSS Vulnerability
GitLab is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...
UBUNTU-CVE-2020-13276
User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1...
UBUNTU-CVE-2020-2655
Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-17654)
The F5 BIG-IP Edge Gateway serves as an access solution that provides SSL VPN remote access, security, application acceleration and high availability for remote users. A denial of service vulnerability exists in F5 BIG-IP versions 13.0.1 and 13.1.0.4 through 13.1.0.7 due to an unspecified flaw in...