14 matches found
CVE-2026-40996
CVE-2026-40996 affects Spring Web Services where Wss4jSecurityInterceptor incorrectly defaults allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J’s safer validation behavior for RequestData. This could allow RSA PKCS#1 v1.5 (rsa-1_5) encrypted key material in inbound WS-Security dec...
CVE-2026-2367 Secure Copy Content Protection and Content Locking <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attribute
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aysblock' shortcode in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This...
ai-box-lib (>=0.1.0 <=0.1.9), aligned-py (>=0.1.0 <=0.2.0a0) +70 more potentially affected by CVE-2025-64076 via cbor2 (>=5.0.1 <=5.7.0)
cbor2 PYPI version =5.0.1, =0.1.0, =0.1.0, =0.13.0, =0.5.5.post5, =0.5.5.post4, =0.1.0, =2.0.1, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.4 and more Source cves: CVE-2025-64076 Source advisory: SNYK:PYTHON-CBOR2-14049181...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...
io.github.openfeign.querydsl:querydsl-collections (>=5.0.1 <=5.6), io.github.openfeign.querydsl:querydsl-hibernate-search (>=5.0.1 <=5.6) +6 more potentially affected by CVE-2024-49203 via io.github.openfeign.querydsl:querydsl-apt (>=5.0.1 <=5.6)
io.github.openfeign.querydsl:querydsl-apt MAVEN version =5.0.1, =5.0.1, =5.0.1, =5.0.1, =5.0.1, =5.0.1, =5.0.1, =5.0.1, =5.6 Source cves: CVE-2024-49203 Source advisory: OSV:GHSA-6Q3Q-6V5J-H6VG...
PT-2024-2358 · Eve-Ng · Eve-Ng
Name of the Vulnerable Software and Affected Versions: EVE-NG versions 5.0.1-13. Description: The issue exists due to the lack of protection of the web page structure in the Lab Handler component of EVE-NG, allowing a remote attacker to conduct a cross-site scripting (XSS) attack. The manipulation o...
PT-2022-4705 · Triangle Microworks · Triangle Microworks 60870-6 (Iccp/Tase.2) Library +1
Name of the Vulnerable Software and Affected Versions: Triangle Microworks IEC 61850 Library versions 11.2.0 and earlier; Triangle Microworks IEC 61850 Library C++, C, or Java language library versions 5.0.1 and earlier; Triangle Microworks 60870-6 ICCP/TASE.2 Library C++ language library versions...
CVE-2021-22526
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4...
CVE-2021-22524
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4...
Squid Security Update Advisory SQUID-2020:5
Squid is prone to a denial of service vulnerability.
Cybozu Garoon path traversal vulnerability (CNVD-2020-36776)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A path traversal vulnerability exists in Cybozu Garoon versions 4.0.0 through 5.0.1. A remote attacker can exploi...
UBUNTU-CVE-2020-5504
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server...