12 matches found
CVE-2026-38751
OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
CVE-2025-70888
An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component...
CVE-2026-30851
Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...
i-Educar SQL Injection Vulnerability
i-Educar is a free educational software from Portábilis Open Source. A SQL injection vulnerability exists in i-Educar 2.10 and earlier versions, which stems from incorrect manipulation of parameters in the file /module/Cadastro/aluno, and could lead to a SQL injection attack...
i-Educar Security Vulnerability
i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.10 and earlier, which stems from an improper authorization issue in file /educacenso/consulta...
CVE-2025-6017
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to...
PT-2024-19700 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 2.9.1; a-blog cms versions 2.9.0 and earlier; a-blog cms versions 2.10.x through 2.10.49; a-blog cms versions 2.11.x through 2.11.57; a-blog cms versions 3.0.x through 3.0.28; a-blog cms versions 3.1.x through 3.1.6...
CVE-2022-2043 MOXA NPort 5110 Out-of-bounds Write
MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive...
com.github.gergelyszaz.bgl:board-game-language (=0.1.0), com.github.marc-christian-schulze.structs4java:structs4java-core (>=1.0.13 <=1.0.45) +111 more potentially affected by CVE-2019-10249 via org.eclipse.xtext:org.eclipse.xtext (>=2.10.0 <=2.17.1)
org.eclipse.xtext:org.eclipse.xtext MAVEN version =2.10.0, =1.0.13, =1.0.13, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.2 and more Source cves: CVE-2019-10249 Source advisory: OSV:GHSA-RFJ2-4G26-7JW5...
uftpd Buffer Error Vulnerability
uftpd is a Linux-based FTP/TFTP file transfer server from the Swedish individual developer Joachim Nilsson. A buffer error vulnerability exists in uftpd FTP server versions 2.10 and earlier, which stems from a common unauthenticated stack-based buffer overflow vulnerability, ccommon.c's handlePOR...
PT-2019-11307 · Jenkins · Jenkins Active Directory Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Active Directory Plugin versions 2.10 and earlier. Description: An issue exists in the improper validation of certificates, allowing attackers to impersonate the Active Directory server that Jenkins connects to for authentication when...
CVE-2018-2824
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Enterprise Management Console. Supported versions that are affected are 2.8, 2.9 and 2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...