20 matches found
Sangoma Technologies Switchvox 安全漏洞
Sangoma Technologies Switchvox is a telephone system developed by Sangoma Technologies in Canada, suitable for businesses of any size. Prior to the version 8.4 of Sangoma Technologies Switchvox, there was a security vulnerability. This vulnerability stemmed from the storage of plaintext SIP...
CVE-2025-46607
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access...
CVE-2026-38533
An improper authorization vulnerability in the /api/v1/users/id endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request...
Vtiger CRM 安全漏洞
Vtiger CRM is a customer relationship management system developed by Vtiger Corporation in the United States, based on SugarCRM. This system provides functions for managing, collecting, and analyzing customer information. Version Vtiger CRM 8.4.0 has a security vulnerability that stems from...
EUVD-2025-209386
An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server...
WordPress plugin Visitor Traffic Real Time Statistics 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Oracle Linux 8 : mysql:8.4 (ELSA-2026-6391)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6391 advisory. mecab mecab-ipadic mysql 8.4.8-1 - Rebase to 8.4.8 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2026-32423
Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...
[SECURITY] Fedora 42 Update: mysql8.0-8.0.44-4.fc42
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CVE-2022-31901
Buffer overflow in function Notepadplus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files...
CVE-2025-61167
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...
EUVD-2025-93504
Incorrect default permissions for the IntelR Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable local code execution...
CVE-2025-8356 Path Traversal leading to RCE
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution RCE, allowing the attacker to run arbitrary commands on the system...
CVE-2020-12018
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...
CVE-2019-13978
Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat=mem request...
AZL-62210 CVE-2025-30681 affecting package mysql for versions less than 8.0.42-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2023-5607
An improper limitation of a path name to a restricted directory path traversal vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a specially crafted GTI...
FRRouting FRR 缓冲区错误漏洞
FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 8.4 and earlier versions, which originates from an out-of-bounds read by the BGP daemon...
PT-2019-19049 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Jira versions prior to 8.4.0 Description: The issue allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class. This is relate...
PT-2017-11789 · Pcre +2 · Pcre +2
Name of the Vulnerable Software and Affected Versions: PCRE version 8.41 Description: The issue allows stack exhaustion due to uncontrolled recursion when processing a crafted regular expression, specifically through the OP KETRMAX feature in the match function in pcre exec.c. Recommendations: Fo...