PT-2026-50026
Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM component: Siebel Cloud Manager. Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud...
Security Bulletin: IBM SPSS Modeler is vulnerable to SSL private key exposure (CVE-2023-33842)
Summary: An SSL private key exposure in IBM SPSS Modeler could allow a local user to decrypt and obtain sensitive information. Vulnerability Details: CVEID: CVE-2023-33842. DESCRIPTION: IBM SPSS Modeler on Windows requires the end user to have access to the server SSL key which could allow a local use...
CVE-2025-69377
CVE-2025-69377 : WordPress WordPress User Extra Fields plugin (wp-user-extra-fields)
CVE-2025-69376 WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal. This issue affects User Extra Fields: from n/a through <= 17.0...
UBUNTU-CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by Phat RiO in WordPress Plugin User Extra Fields versions <= 17.0...
CVE-2025-65962
Summary (CVE-2025-65962): Tuleap Community Edition versions prior to 17.0.99.1763803709 and Tuleap Enterprise Edition versions prior to 17.0-4 and 16.13-9 are affected by missing CSRF protections in tracker field dependencies, which can allow attackers to modify tracker fields. Impact: unauthoriz...
CVE-2025-64498 Tuleap has a Cross-Site Request Forgery (CSRF) vulnerability
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers to trick victims into changing tracker general settings. Th...
EUVD-2024-32577
Malicious code in bioql PyPI...
EUVD-2024-47438
Malicious code in bioql PyPI...
CVE-2024-5470
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4 and from 17.1 prior to 17.1.2 where a Guest user with `admin_push_rules` permission may have been able to create project-level deploy tokens...
CVE-2024-41446
A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the Create/Modify article function...
PT-2025-17444 · Alkacon · Alkacon Opencms
Name of the Vulnerable Software and Affected Versions: Alkacon OpenCMS version 17.0. Description: A Cross Site Scripting vulnerability in the Create/Modify article function allows a remote attacker to inject a JavaScript payload via the image title sub-field in the image field. Recommendations: Fo...
Alkacon OpenCMS Security Vulnerability
Alkacon OpenCMS is a content management system from Alkacon Inc. A security vulnerability exists in Alkacon OpenCMS version 17.0, which stems from improper handling of the author parameter and could lead to a stored cross-site scripting attack...
BIT-GITLAB-2024-6595 Uncontrolled Search Path Element in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 where it was possible to upload an NPM package with conflicting package data...
CVE-2024-5470
Removed by vendor...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery), and other features. A security vulnerability exists in GitLab CE/EE version 17.0 up to and includi...
PT-2024-5346
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.0 through 17.0.3; GitLab CE/EE versions 17.1 through 17.1.1. Description: The issue is related to insufficient access control in the admin compliance framework function of the Group Namespace URL Handler component in...
BIT-GITLAB-2024-1493 Uncontrolled Resource Consumption in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, in which the processing logic for generating links in dependency files can lead to a regular expression DoS attack on the serve...
GitLab 15.8 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-5655)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker...