11 matches found
DNN: Same HostGUID For All New Installs
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...
CVE-2025-6465
Mattermost Server is affected by CVE-2025-6465 due to failure to sanitize file names in file streaming APIs, enabling path-traversal to overwrite attachment thumbnails by users with file upload permission. Affected versions include Mattermost Server 10.8.x up to 10.8.3, 10.5.x up to 10.5.8, 10.10...
PT-2024-7169 · Vercel · Next.Js
Name of the Vulnerable Software and Affected Versions: Next.js versions 10.x through 14.x before version 14.2.7 Description: The issue is related to the image optimization feature in Next.js, which contains a vulnerability allowing for a potential Denial of Service (DoS) condition that could lead t...
SUSE CVE-2021-36978
QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails...
PT-2021-11242 · Intland · Intland Codebeamer Alm
Name of the Vulnerable Software and Affected Versions: Intland codeBeamer ALM versions 10.x through 10.1.SP4 Description: A CSRF issue allows attackers to cause a victim's browser to execute undesired actions in the web application through crafted requests. This is possible because requests sent ...
UBUNTU-CVE-2019-9756
An issue was discovered in GitLab Community and Enterprise Edition 10.x starting from 10.8 and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732...
Information disclosure
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...
VMware Tools Local Elevation of Privilege Vulnerability
VMware Tools is a set of enhancements that come with VMware's virtual machines. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of the virtual machines with those of the host computer. A...
Design/Logic Flaw
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remo...
Mozilla Thunderbird ESR Security Bypass Vulnerabilities - Oct 12 (Mac OS X)
The host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities.
RealNetworks RealPlayer Multiple Code Execution Vulnerabilities (Linux)
This host is installed with RealPlayer which is prone to multiple code execution vulnerabilities.