CVE-2026-25762 AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection

AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a denial of service DoS vulnerability exists in the multipart file handling logic of @adonisjs/bodyparser. When processing file uploads, the multipart parser may accumulate an unbounded amount of data in...

CVE-2026-25754 AdonisJS multipart body parsing has Prototype Pollution issue

AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a prototype pollution vulnerability in AdonisJS multipart form-data parsing may allow a remote attacker to manipulate object prototypes at runtime. This issue has been patched in versions 10.1.3 and...

CVE-2026-25754 AdonisJS multipart body parsing has Prototype Pollution issue

AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a prototype pollution vulnerability in AdonisJS multipart form-data parsing may allow a remote attacker to manipulate object prototypes at runtime. This issue has been patched in versions 10.1.3 and...

CVE-2023-26277

IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156...

Tenable Network Security Nessus操作系统命令注入漏洞

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security. An operating system command injection vulnerability exists in Tenable Network Security Nessus version 10.1.3 and earlier versions, which can be exploited by an authenticated attacker to...

Pimcore 信息泄露漏洞

Pimcore is a comprehensive open source enterprise platform for master data management PIM/MDM, user experience management CMS/UX, digital asset management DAM, and e-commerce.A username enumeration vulnerability exists in versions of Pimcore prior to 10.1.3. An attacker could exploit this...

IBM Emptoris Sourcing 环境问题漏洞

IBM Emptoris Sourcing helps organizations get affordable pricing and greater value from suppliers by examining factors such as cost, risk and performance in strategic sourcing decisions. A Web cache poisoning vulnerability exists in IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3. The...

IBM Emptoris Contract Management Information Disclosure Vulnerability (CNVD-2019-31129)

IBM Emptoris Contract Management is a suite of software from IBM USA that automates the contract lifecycle. The software automates and manages all phases of the contract lifecycle, from the creation, execution and renegotiation of contracts and amendments, to performance monitoring, analysis and...

IBM Emptoris Spend Analysis Cross-Site Scripting Vulnerability (CNVD-2019-31127)

IBM Emptoris Spend Analysis is a product within IBM's suite of procurement solutions for consolidating, cleansing and categorizing spend data from decentralized systems. A cross-site scripting vulnerability exists in IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3, which can be exploit...

PT-2019-17104 · Ibm · Ibm Emptoris Spend Analysis +2

Name of the Vulnerable Software and Affected Versions: IBM Emptoris Sourcing versions 10.1.0 through 10.1.3 IBM Contract Management versions 10.1.0 through 10.1.3 IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3 Description: The issue generates an error message that includes sensitive...