CVE-2026-6060

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

EUVD-2018-14574

Malware in sbrugna...

EUVD-2021-22724

Malware in sbrugna...

EUVD-2020-12605

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-30684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and...

VMware vCenter Server 7.0.x < 7.0 U3v / 8.0.x < 8.0 U3g DoS (VMSA-2025-0014)

The version of VMware vCenter Server installed on the remote host is 7.0.x prior to 7.0 U3v, or 8.0.x prior to 8.0 U3g. It is, therefore, affected by a vulnerability as referenced in the VMSA-2025-0014 advisory. A malicious actor who is authenticated through vCenter and has permission to perform...

Linux Distros Unpatched Vulnerability : CVE-2025-50081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and...

Oracle MySQL Server 9.0.x < 9.4.0 (July 2025 CPU)

The versions of MySQL Server installed on the remote host are affected by a multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42,...

AZL-65498 CVE-2025-50104 affecting package mysql for versions less than 8.0.43-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components. A security vulnerability exists in Oracle MySQL Server of Oracle MySQL, which stems from a flaw in the PS component that could lead to a complete...

CVE-2024-46622

An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18 that allows arbitrary file creation, modification and deletion...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal versions 8.0.X prior to 10.1.8 and 10.2.X prior to 10.2.2, which stems from a vulnerability that allows for over-allocation...

UBUNTU-CVE-2024-43442

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...

Kibana < 7.17.22 / 8.0.x < 8.14 (ESA-2024-11)

The version of Kibana installed on the remote host is prior to 7.17.22 or 8.14. It is, therefore, affected by a vulnerability as referenced in the ESA-2024-11 advisory. - A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a...

CVE-2024-23793

The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...

Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Tested on: 8.5.3 CVE ...

BIT-PHP-2021-21708 UAF due to php_filter_float() failing

In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTERVALIDATEFLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in...

BIT-PHP-2023-0662 DoS vulnerability when parsing multipart request body

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

Avaya Aura Experience Portal Information Disclosure Vulnerability

Avaya Aura Experience Portal is the next-generation Avaya Voice Portal from Avaya, Inc. providing organizations with a single point of orchestration for all automated voice and multimedia applications and services.Experience Portal supports SIP, IP, TDM or hybrid environments. It includes powerfu...

CVE-2023-5421 Possible XSS execution in customer information

An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the data is saved.The issue onlyoccurs if the configuration for AdminCustomerUser::UseAutoComplete was...