EUVD-2025-37006

Dell Unity, versions 5.5 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges...

PT-2025-44404

Name of the Vulnerable Software and Affected Versions Dell Unity versions 5.5 and prior Description Dell Unity software contains an Improper Neutralization of Special Elements used in an OS Command vulnerability, also known as OS Command Injection. A local attacker with low privileges could...

CVE-2019-4209

HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks...

HGiga iSherlock 路径遍历漏洞

HGiga iSherlock is a series of software products from China's Henderson Technology HGiga. A path traversal vulnerability exists in HGiga iSherlock, which stems from the presence of a path traversal vulnerability. An attacker can exploit this vulnerability to download arbitrary system files...

LG webOS 操作系统命令注入漏洞

LG webOS is a Linux kernel-based smart TV operating system from LG Corporation in South Korea. An OS command injection vulnerability exists in LG webOS, which stems from an OS command injection vulnerability in the processAnalyticsReport method of the com.webos.service.cloudupload service. Affect...

SUSE CVE-2012-0113

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118...

SUSE CVE-2012-0119

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O with kernel versions 5.0 through 5.5. An attacker...

PT-2022-33576 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.5 through 5.19.1 Description: A refcount leak was discovered in the of get ocmem function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version 5.5 and is fixed in...

Desknets Neo Cross-Site Scripting Vulnerability

Desknets Neo is a remote office support software from Japanese company Desknets. A cross-site scripting vulnerability exists in desknets NEO, which originates from a vulnerability that allows remote attackers to inject arbitrary scripts via unspecified vectors. The following products and versions...

CVE-2020-14858

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications component: Logging. Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

CVE-2019-4209

HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks...

Oracle Hospitality OPERA 5 CVE-2020-2677 Remote Security Vulnerability

Description Oracle Hospitality OPERA 5 is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Login' component is affected. This vulnerability affects the following supported versions: 5.5, 5.6 Technologies Affected Oracle Hospitality OPERA ...

Trend Micro Email Encryption Gateway Arbitrary Command Execution Vulnerability (CNVD-2018-04486)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. An arbitrary command execution vulnerability exists in Trend Micro Email...

UBUNTU-CVE-2017-3313

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: MyISAM. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure wher...

mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer...

PT-2016-6602 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.51 and earlier Oracle MySQL versions 5.6.32 and earlier Oracle MySQL versions 5.7.14 and earlier Description: The issue allows remote administrators to affect availability via vectors related to Server: Federated. It...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...

PT-1999-1646 · Dec · Openvms

Name of the Vulnerable Software and Affected Versions: Open VMS versions 5.3 through 5.5-2 Description: The issue allows attackers to conduct brute force password guessing due to improper disabling of access to user accounts that exceed the break-in limit threshold for failed login attempts. This...