18 matches found
EUVD-2024-54935
Malicious code in bioql PyPI...
EUVD-2023-49304
Malicious code in bioql PyPI...
CVE-2024-12923
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...
CVE-2025-49462
Summary: CVE-2025-49462 corresponds to a cross-site scripting vulnerability reported in Zoom Clients prior to 6.4.5. The issue is described as an authenticated user’s ability to disclose information via network access. The connected documents consistently state affected software as Zoom Clients b...
CVE-2023-48326
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite Events Manager allows Reflected XSS. This issue affects Events Manager: from n/a through 6.4.5...
CVE-2024-47007
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service...
Tenable Security Center Multiple Vulnerabilities (TNS-2024-21)
According to its self-reported version, the Tenable Security Center running on the remote host is version 6.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-21 advisory. - In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14,...
CVE-2024-47011
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information...
CVE-2024-47010
CVE-2024-47010 affects Ivanti Avalanche prior to version 6.4.5, with a path traversal that enables a remote unauthenticated attacker to bypass authentication. The issue is addressed by Ivanti in 6.4.5 (and related advisories), and references indicate follow‑ups for related CVEs (e.g., 6.4.7) addr...
CVE-2024-47009
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication...
CVE-2024-47009
Ivanti Avalanche before 6.4.5 is affected by a Path Traversal vulnerability (CVE-2024-47009) that allows a remote, unauthenticated attacker to bypass authentication. The issue is documented across multiple sources (e.g., Red Hat advisory, NVD/NASL plugin context, NCCS/Nessus notes) and is address...
CVE-2024-47008
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information...
PT-2024-6875
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.5 Description: The issue is a path traversal affecting the Faces Mojarra component within Ivanti Avalanche. This allows a remote, unauthenticated attacker to potentially reveal sensitive information. The...
PT-2023-30786 · Unknown · Events Manager
Name of the Vulnerable Software and Affected Versions: Events Manager versions n/a through 6.4.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject...
Fortinet FortiManager Security Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOM) to further simplify the deployment and management of multi-device...
MapServer WFS Feature Requests Buffer Overflow Vulnerability - Linux
MapServer is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:osgeo:mapserver";...