CVE-2026-44925

Cross-Site Request Forgery CSRF vulnerability in InfoScale v.9.1.3 Operations Manager VIOM allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...

CVE-2026-44924

InfoScale VIOM 9.1.3 allows XSS...

PT-2026-42195

InfoScale VIOM 9.1.3 allows XSS...

CVE-2026-44923

CVE-2026-44923 affects InfoScale VIOM prior to 9.1.3. A SQL injection in the VIOM web application can enable remote attackers to escalate privileges. CVSS v3.1 base score 6.5 (Network, Low attack complexity, No privileges required, No user interaction, Confidentiality/Integrity low). Documents co...

CVE-2026-44925

Cross-Site Request Forgery CSRF vulnerability in InfoScale v.9.1.3 Operations Manager VIOM allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...

PT-2026-42194

SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges...

Veritas InfoScale VIOM 跨站脚本漏洞

Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualization environments developed by Veritas Corporation in the United States. Version 9.1.3 of Veritas InfoScale VIOM contains a cross-site scripting vulnerability, which stems from cross-site...

CVE-2026-44923

SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges...

Veritas Technologies Infoscale Operations Manager 跨站请求伪造漏洞

Veritas Technologies Infoscale Operations Manager is a software developed by Veritas Technologies in the United States, used for managing the entire InfoScale deployment. This software offers features such as multi-cluster management, custom interfaces, and centralized audit logging. Version 9.1....

CVE-2026-44925

CVE-2026-44925 describes a Cross-Site Request Forgery (CSRF) in InfoScale v.9.1.3 Operations Manager (VIOM). The vulnerability arises from an ability for an attacker to coerce an active VIOM session user into clicking a crafted HTML link, resulting in unintended modifications within the VIOM web ...

EUVD-2023-1425

Malicious code in bioql PyPI...

EUVD-2022-7408

Malicious code in bioql PyPI...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Nimbus JOSE+JWT library which is vulnerable to CVE-2025-53864

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Nimbus JOSE+JWT library which is vulnerable to CVE-2025-53864. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbu...

CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Cross Site Request Forgery.This issue affects NEX-Forms: from n/a through = 9.1.3...

PT-2025-33940 · Basix · Basix Nex-Forms

Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms versions through 9.1.3 Description: A Cross-Site Request Forgery CSRF vulnerability exists in Basix NEX-Forms, allowing attackers to perform actions on behalf of an authenticated user without their knowledge. This vulnerabilit...

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA version 9.1.3, which stems from vulnerability to cross-site scripting attacks...

WordPress Quiz and Survey Master (QSM) plugin < 9.1.3 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Quiz And Survey Master versions 9.1.3...

WordPress plugin Quiz and Survey Master 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

Code injection

In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit...