10 matches found
CVE-2026-1879
CVE-2026-1879 affects Harvard IQSS Dataverse (up to 6.8) in the Theme Customization component, specifically the ThemeAndWidgets.xhtml file. A manipulation of the argument uploadLogo enables unrestricted file upload, enabling remote exploitation. The exploit is public, and upgrading to version 6.1...
CVE-2025-46369
Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Privilege Escalation...
PT-2025-6891 · Pix · Pix Software Vivaz
Name of the Vulnerable Software and Affected Versions: Pix Software Vivaz version 6.0.10 Description: A problematic vulnerability was found in Pix Software Vivaz, affecting unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has be...
CVE-2023-33996
Missing Authorization vulnerability in CleanTalk Inc Spam protection, AntiSpam, FireWall by CleanTalk cleantalk-spam-protect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through = 6.10...
PT-2024-12456 · Cleantalk · Cleantalk-Spam-Protect
Name of the Vulnerable Software and Affected Versions: CleanTalk Spam Protection versions 6.10 and below Description: The issue is related to a Missing Authorization vulnerability, which allows for broken access control. This can compromise the security of the site. The estimated number of...
UBUNTU-CVE-2024-45802
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...
PT-2024-28459 · Entrust · Entrust Instant Financial Issuance
Name of the Vulnerable Software and Affected Versions: Entrust Instant Financial Issuance On Premise Software versions 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier Description: The issue concerns a configuration file, specifically WebAPI.cfg.xml, which is left behind after the installation...
Aruba Networks ClearPass 安全漏洞
Aruba Networks ClearPass is an access management system from Aruba Networks, Inc. that integrates network control, application and device management capabilities. A security vulnerability exists in Aruba Networks ClearPass. An attacker could exploit the vulnerability to elevate user privileges to...
CVE-2022-3173
Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10...
CVE-2020-14516
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly...