18 matches found
CVE-2026-4917
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
CVE-2026-4919 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM DB2 Merge Backup 安全漏洞
IBM DB2 Merge Backup is a database-assisted backup tool developed by IBM. Version 12.1.0.0 of IBM DB2 Merge Backup contains a security vulnerability. This vulnerability stems from buffer overflows allocated at the stack level, which could allow authenticated users to cause the program to crash...
SUSE-SU-2026:20170-1 Security update for cockpit-subscriptions
This update for cockpit-subscriptions fixes the following issues: Update to version 12.1: - CVE-2025-64718: js-yaml: fixed prototype pollution in merge bsc1255425...
PT-2025-52684
Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Page Settings module. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Excerpt field...
PT-2025-52685
Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Media module. An attacker can inject a crafted payload into the Name field to execute arbitrary web scripts or HTML. Recommendations At the moment, ther...
CVE-2025-67591
Cross-Site Request Forgery CSRF vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through 12.0.1...
CVE-2023-27489
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS accepts SVG files uploaded by users which could potentially contain JavaScript code. If SVG images are viewed directly, i.e. not rendered in an HTML page, this JavaScript code could execute. This...
IOBit Malware Fighter 安全漏洞
IOBit Malware Fighter is a suite of antivirus software for Windows-based platforms from IOBit. The program has features such as anti-malware and virus protection. A security vulnerability exists in IOBit Malware Fighter version v12.1.0, which originates from the exposure of the IMFForceDelete...
Malicious code in ownyourcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ae49ecc59ae81e10af1589cca5d026e0fb03269a4490c4934d61934a157d7b86 The OpenSSF Package Analysis project identified 'ownyourcode' @ 12.1.1 npm as malicious. It is considered malicious because: - The package...
Veeam ONE 安全漏洞
Veeam ONE is a suite of IT monitoring and reporting tools from Veeam USA. The product supports features such as backup monitoring, operational status monitoring of virtual and physical environments. A security vulnerability exists in Veeam ONE version 12.1.0.3208 and previous versions 12, which...
Italtel i-MCS NFV 安全漏洞
Italtel i-MCS NFV is an IMS/NGN core and border suite from Italtel Italy. A security vulnerability exists in Italtel i-MCS NFV version 12.1.0-20211215, which originates from a remote, unauthenticated attacker being able to upload a file at an arbitrary path...
SUSE-SU-2022:2936-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: - Updated to version 12.1.0 build 20219665 bsc1202733: - CVE-2022-31676: Fixed an issue that could allow unprivileged users inside a virtual machine to escalate privileges bsc1202657...
Cyberark Software CyberArk Credential Provider 安全特征问题漏洞
CyberArk Software Credential Provider is an installation credential provider program from CyberArk Software, an Israeli company. CyberArk Credential Provider suffers from a security signature issue vulnerability that stems from the vulnerability of the user identification mechanism used prior to...
UBUNTU-CVE-2021-22167
An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository...
PT-2019-16995 · Ibm · Ibm Informix Dynamic Server Enterprise Edition
Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server Enterprise Edition version 12.1 Description: The issue allows a local privileged Informix user to load a malicious shared library, potentially gaining root access privileges. Recommendations: For IBM Informix Dynam...
Apple iOS, macOS Mojave and tvOS Kernel Denial of Service Vulnerability
Apple iOS, macOS Mojave, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS Mojave is a specialized operating system for Mac computers; and tvOS is an operating system for smart televisions. kernel is one of the Kernel is one of the kernel components. A...
CVE-2017-3477
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 12.0.0 and 12.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...