12 matches found

Vulnrichment
added 2026/04/30 9:12 p.m., 1 view

CVE-2025-36335 Vulnerabilities found

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user...

CVSS 6.2, AI score 5.8, EPSS 0.00015
Exploits: 0, References: 1

OSV
added 2026/03/31 10:43 p.m., 2 views

GHSA-JMQ3-X8Q7-J9QM baserCMS has a cross-site scripting vulnerability in blog posts

baserCMS has a cross-site scripting vulnerability in blog posts. Target: baserCMS 5.2.1 and earlier versions. Vulnerability: Malicious JavaScript may be executed in blog posts. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to reference for more...

CVSS 6.9, AI score 7, EPSS 0.00013
Exploits: 0, References: 5

OSV
added 2026/01/08 6:9 p.m., 3 views

CVE-2026-21896 Kirby is missing permission checks in the content changes API

Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing permission checks in the content changes API. This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by...

CVSS 5.8, AI score 6.4, EPSS 0.00024
Exploits: 0, References: 5

Vulnrichment
added 2025/09/19 9:44 a.m., 3 views

CVE-2025-10630 Regex DoS in Grafana Zabbix Plugin

Grafana is an open-source platform for monitoring and observability. Grafana-Zabbix is a plugin for Grafana that allows users to visualize monitoring data from Zabbix and create dashboards for analyzing metrics and real-time monitoring. Versions 5.2.1 and below contained a ReDoS vulnerability via...

CVSS 4.3, AI score 6.3, EPSS 0.00114
Exploits: 0, References: 2

Grafana
added 2025/09/19 12:0 a.m., 4 views

Regex DoS in Zabbix Plugin in Grafana

Grafana is an open-source platform for monitoring and observability. Grafana-Zabbix is a plugin for Grafana that allows users to visualize monitoring data from Zabbix and create dashboards for analyzing metrics and real-time monitoring. Versions 5.2.1 and below contained a ReDoS vulnerability via...

CVSS 4.3, AI score 7.3, EPSS 0.00114
Exploits: 0

OSV
added 2025/06/13 2:19 p.m., 1 view

OESA-2025-1618 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: A vulnerability, which was classified as problematic, was found in Django up to 4.2.21/5.1.9/5.2.1 Content Management System. CWE is classifying the issue as CWE-117. The product does n...

CVSS 5.3, AI score 6.5, EPSS 0.00411
Exploits: 0, References: 2

Positive Technologies
added 2023/11/14 12:0 a.m., 2 views

PT-2023-7755 · Fortinet · FortiWAN

Name of the Vulnerable Software and Affected Versions: FortiWAN versions 5.1.1 through 5.1.2; FortiWAN versions 5.2.0 through 5.2.1. Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'path traversal' vulnerability. This may allow an...

CVSS 8.8, AI score 8.6, EPSS 0.00627
Exploits: 0, References: 7

CNVD
added 2020/02/07 12:0 a.m., 2 views

FortiManager Command Injection Vulnerability

Fortinet FortiManager VM is a centralized network security management platform for virtual machines. FortiManager versions 5.2.1 and earlier, 5.0.10 and earlier, have a command injection vulnerability in the implementation that can be exploited by an attacker to run system commands while executin...

CVSS 9, AI score 7.8, EPSS 0.05417
Exploits: 0, References: 1

PyPA
added 2020/01/23 9:15 p.m., 4 views

PYSEC-2020-87

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level...

CVSS 8.8, AI score 7.2, EPSS 0.00596
Exploits: 0, References: 4, Affected Software: 1

Positive Technologies
added 2019/05/09 12:0 a.m., 2 views

PT-2019-16880 · IBM · IBM Tivoli Storage Productivity Center

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Storage Productivity Center versions 5.2.1 through 5.2.17. Description: The issue is caused by improper validation of csv file contents, which could allow a remote attacker to execute arbitrary commands on the system. Recommendation...

CVSS 9.3, AI score 7.4, EPSS 0.00622
Exploits: 0, References: 3

IBM Security Bulletins
added 2019/01/16 8:5 p.m., 61 views

Security Bulletin: IBM FileNet Content Manager affected by Apache HttpClient security vulnerability

Summary: Security vulnerability may affect Apache HttpClient used by IBM FileNet Content Manager. Vulnerability Details: CVEID: CVE-2012-5783. DESCRIPTION: Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname...

CVSS 5.8, AI score 0.5, EPSS 0.00616
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/01/09 10:50 p.m., 21 views

Security Bulletin: IBM FileNet Content Manager component FileNet Deployment Manager security vulnerability

Summary: FileNet Deployment Manager external DTD security vulnerability. Vulnerability Details: CVEID: CVE-2018-1844. DESCRIPTION: IBM Case Manager is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose...

CVSS 7.1, AI score 0.4, EPSS 0.00333
Exploits: 0, Affected Software: 1