85 matches found
PT-2026-37236
Name of the Vulnerable Software and Affected Versions: Masa CMS versions 7.2.0 through 7.2.9; Masa CMS versions 7.3.0 through 7.3.14; Masa CMS versions 7.4.0 through 7.4.9; Masa CMS versions 7.5.0 through 7.5.2 Description: A SQL injection issue exists in the beanFeed.cfc component within the getQuery...
Acute Systems Acute Systems CrossFont Security Vulnerability
Acute Systems CrossFont is a tool developed by Acute Systems that allows for the conversion and management of font files between different operating systems. Version 7.5 of Acute Systems CrossFont contains a security vulnerability. This vulnerability stems from a buffer overflow in the License Ke...
Microsoft PowerShell 7.4.x < 7.4.14 / 7.5.x < 7.5.5 Security Feature Bypass (April 2026)
The Windows 'Microsoft PowerShell' app installed on the remote host is 7.4.x prior to 7.4.14 or 7.5.x prior to 7.5.5. It is, therefore, affected by a security feature bypass vulnerability: - Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security...
IBM QRadar 7.5.x < 7.5.0 UP14 IF2 Information Disclosure (7253664)
The instance of IBM QRadar installed on the remote host is version 7.5.x prior to 7.5.0 UP14 IF2, and is therefore affected by an information disclosure vulnerability involving exposure of directory information, as disclosed in the IBM Security Bulletin 7253664. Note that Nessus has not tested fo...
CVE-2025-11955
Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid...
EUVD-2018-14283
Malware in sbrugna...
EUVD-2023-51754
Malicious code in bioql PyPI...
EUVD-2022-52772
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-51495
An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow...
CVE-2025-52720
CVE-2025-52720 affects WordPress plugins: Super Store Finder (versions =7.5) to mitigate.
IBM QRadar SIEM Log Information Disclosure Vulnerability
IBM QRadar SIEM is a solution from International Business Machines (IBM) that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
CVE-2024-51464
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i...
CVE-2023-47642
Zulip is an open-source team collaboration tool. It was discovered by the Zulip development team that active users who had previously been subscribed to a stream incorrectly continued being able to use the Zulip API to access metadata for that stream. As a result, users who had been removed from ...
CVE-2023-47655
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi ANAC XML Bandi di Gara. This issue affects ANAC XML Bandi di Gara: from n/a through 7.5...
CVE-2025-25182 Stroom Authentication/Authorization Bypass when using AWS ALB
Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authentication bypass to a Stroom system when configured with ALB and installed in a way that the...
PT-2024-34484 · Unknown · Flightpath
Name of the Vulnerable Software and Affected Versions: FlightPath version 7.5 Description: The issue allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user. This is achieved by including a malicious payload into the Last Name...
PT-2024-33293 · Logpoint · Logpoint
Name of the Vulnerable Software and Affected Versions: Logpoint versions prior to 7.5.0 Description: An issue in Logpoint allows Server-Side Request Forgery (SSRF) on SOAR, which can be used to leak Logpoint's API Token, leading to authentication bypass. Recommendations: For versions prior to 7.5.0...
PT-2024-5818 · Ibm · Ibm Qradar Network Packet Capture
Name of the Vulnerable Software and Affected Versions: IBM QRadar Network Packet Capture version 7.5 Description: The issue is related to the failure to properly enable HTTP Strict Transport Security, which could allow a remote attacker to obtain sensitive information using man-in-the-middle...
WordPress Plugin WPBakery Visual Composer Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Plugin WPBakery Visual Composer Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...