82 matches found
Next.js Security Vulnerability
Next.js is a React framework open-sourced by Vercel. Versions of Next.js from 10.0.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities arise from the default image loader being hosted on the server, where the Image Optimization API loads local imag...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2026-1188]
Summary: IBM WebSphere Application Server (WAS) is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section...
CVE-2026-43646
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-37980 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.5)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
DEBIAN-CVE-2025-65114
Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...
PT-2026-29793
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.12 and 10.0.0 through 10.1.1. Description: Apache Traffic Server is susceptible to request smuggling when handling malformed chunked messages. This can potentially lead to various security issues...
PT-2026-27638
Name of the Vulnerable Software and Affected Versions: Hitachi Infrastructure Analytics Advisor versions prior to 11.0.5-00; Hitachi Ops Center Analyzer versions prior to 11.0.5-00. Description: A Cross-Site Scripting issue exists in the Analytics probe component of Hitachi Infrastructure Analytics...
CVE-2025-0976
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager. This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-3121 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.5)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +190 more potentially affected by CVE-2026-2733 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +168 more potentially affected by CVE-2025-14778 via org.keycloak:keycloak-services (>=10.0.0 <=26.2.1)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =1.0.2 and more Source cves: CVE-2025-14778 Source advisory: OSV:GHSA-FM6W-RRP3-2X4W...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +186 more potentially affected by CVE-2026-1190 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.2)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ca.bc.gov.tno:dal-db (>=0.0.8-alpha <=0.0.17-alpha), ca.bc.gov.tno:service (>=0.0.1-alpha <=0.0.6-alpha) +356 more potentially affected by CVE-2026-1180 via org.keycloak:keycloak-adapter-core (>=10.0.0 <=25.0.3)
org.keycloak:keycloak-adapter-core MAVEN version =10.0.0, =0.0.8-alpha, =0.0.1-alpha, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.0.2, =1.3.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.3.2, =1.8.0 and more Source cves: CVE-2026-1180 Source advisory: OSV:GHSA-7VW6-5Q2F-7W5R...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +190 more potentially affected by CVE-2026-1190 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
CVE-2025-66444
Cross-site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Data Center Analytics component and Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view component. This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-0...
CVE-2025-66444 Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer
Cross-site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Data Center Analytics component and Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view component. This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-0...
Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor Security Vulnerability
Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor are both products of Hitachi, Ltd. of Japan. Hitachi Ops Center Analyzer is a data center management software. It monitors, reports, and correlates end-to-end performance from servers to storage. Hitachi Infrastructure Analyti...
CVE-2025-59935
GLPI (asset/IT management software) is affected by CVE-2025-59935. In GLPI versions 10.0.0 up to, but not including, 10.0.21, an unauthenticated user can store an XSS payload via the inventory endpoint. The vulnerability is triggered by submitting crafted input to inventory-related requests, allo...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +181 more potentially affected by CVE-2025-14083 via org.keycloak:keycloak-services (>=10.0.0 <=26.4.7)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +134 more potentially affected by CVE-2025-12390 via org.keycloak:keycloak-services (>=10.0.0 <=25.0.6)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =1.0.2 and more Source cves: CVE-2025-12390 Source advisory: OSV:GHSA-RG35-5V25-MQVP...