24 matches found
CVE-2026-1726
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers could access sensitive data, modify system configurations, or change permissions for other users. T...
PT-2026-34578
Name of the Vulnerable Software and Affected Versions: IBM Guardium Key Lifecycle Manager versions 4.1 through 5.1 Description: An issue exists in IBM Guardium Key Lifecycle Manager that may lead to a security compromise. Recommendations: At the moment, there is no information about a newer version...
02strich-markdown (>=1.0.0 <=1.0.2), @0xintuition/slang-cli (>=0.0.1 <=0.0.8) +1940 more potentially affected by CVE-2026-26996 via minimatch (>=4.1.1 <=4.2.3)
minimatch NPM version =4.1.1, =1.0.0, =0.0.1, =0.5.2, =5.0.2, =2.2.0, =1.1.4, =1.3.1, =1.0.0, =0.0.2-alpha-20220914223128-d706aab, =0.0.2-alpha-20220915073207-1bb0680, =0.0.2-alpha-20220914223128-d706aab, =1.1.8, =1.0.0, =1.5.0 and more Source cves: CVE-2026-26996 Source advisory:...
SUSE CVE-2017-18897
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection...
PT-2025-33541 · WordPress · Betterdocs
Name of the Vulnerable Software and Affected Versions: BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress versions up to and including 4.1.1 Description: The BetterDocs plugin for...
PT-2024-16913 · WordPress · Comfino Payment Gateway
Name of the Vulnerable Software and Affected Versions: Comfino Payment Gateway plugin for WordPress versions up to, and including, 4.1.1 Description: The Comfino Payment Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg and remove query a...
WordPress plugin Comfino Payment Gateway cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin Comfino Payment Gateway...
OpenHarmony security vulnerability
OpenHarmony is an open source project for a Hongmeng-type operating system from the China OpenAtom Foundation. A security vulnerability exists in OpenHarmony version v4.1.1 and earlier versions, which originates from memory reuse after release. An attacker can exploit the vulnerability...
PT-2024-13385 · Nordic Semiconductor · Nrf Sniffer For Bluetooth Le
Name of the Vulnerable Software and Affected Versions: Nordic Semiconductor nRF Sniffer for Bluetooth LE versions 3.0.0 through 4.1.1 Description: The issue is related to incorrect file permissions set for certain scripts in the Nordic Semiconductor nRF Sniffer for Bluetooth LE. This allows...
PT-2024-12080 · Ibm · Ibm Security Guardium Key Lifecycle Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 3.0 through 4.1.1 Description: The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Recommendations: For...
Cybozu Remote Service security vulnerability
Cybozu Remote Service is remote service management software from Cybozu Japan. It is used to access the Cybozu internal system. A security vulnerability exists in Cybozu Remote Service versions 4.1.0 through 4.1.1, which is caused by uncontrolled resource consumption. A remote attacker coul...
CVE-2023-25924
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. IBM X-Force ID: 247630...
IBM Security Guardium security vulnerability
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provides data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium Ke...
AZL-44958 CVE-2022-25881 affecting package nodejs-nodemon 2.0.3-5
This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library...
PT-2022-24177 · WordPress · Wp Shamsi
Name of the Vulnerable Software and Affected Versions: WP Shamsi plugin versions = 4.1.1 Description: The issue is related to an authenticated plugin setting change vulnerability. This means that an attacker with subscriber or higher privileges can change plugin settings. The estimated number of...
UBUNTU-CVE-2022-29221
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject PHP code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +367 more potentially affected by CVE-2011-4905 via org.apache.activemq:activemq-core (>=4.1.1 <=5.5.1)
org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0.0.1, =1.2.29, =1.3, =1.0.0, =1.0.0, =1.0.1, =1.4.1, =25.0.10, =28.0.0 - com.ning:metrics.realtime-core =1.1.0 - com.tacitknowledge:simulator-core =1.1 and more Source cves: CVE-2011-4905 Source advisory:...
cloud.piranha.session:piranha-session-hazelcast (>=21.1.0 <=21.4.0), com.buession.cas:buession-cas-session (>=2.3.0 <=2.3.2) +93 more potentially affected by unknown CVE via com.hazelcast:hazelcast (>=4.1.1 <=4.1.7)
com.hazelcast:hazelcast MAVEN version =4.1.1, =21.1.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =3.1.22, =3.1.22, =5.1.6 - com.hazelcast.jet:hazelcast-jet-core =4.4 - com.hazelcast.jet:hazelcast-jet-hadoop-core =4.4 - com.hazelcast.jet:hazelcast-jet-sql =4.4 -...
aiida-core (=1.0.0), biocommons-seqrepo (>=0.3.5 <=0.4.5) +15 more potentially affected by CVE-2022-21699 via ipython (>=4.1.1 <=5.10.0)
ipython PYPI version =4.1.1, =0.3.5, =0.2.0, =2.0.0, =1.0.0b1, =1.0.0.post2, =0.0.7, =0.1.0, =0.1.6, =1.3.1, =0.4.0, =0.1.0, =0.10.0 - sklearn-plus =0.0.5 and more Source cves: CVE-2022-21699 Source advisory: OSV:GHSA-PQ7M-3GW7-GQ5X...
PT-2021-19804 · Unknown · Smartstore
Name of the Vulnerable Software and Affected Versions: Smartstore aka SmartStoreNET versions through 4.1.1 Description: An issue was discovered where Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message, potentially leading to issues with private message...