15 matches found
PT-2026-33742
Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low-privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004637 advisory. In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to...
CVE-2025-55912
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker to exploit the plupload endpoint in photouploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler...
CVE-2025-58438
internetarchive is a Python and Command-Line Interface to Archive.org. In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download method of the internetarchive library. The file.download method does not properly sanitize user-supplied filenames or...
CVE-2025-58438 internetarchive is vulnerable to Directory Traversal through file downloads
internetarchive is a Python and Command-Line Interface to Archive.org. In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download method of the internetarchive library. The file.download method does not properly sanitize user-supplied filenames or...
PT-2025-7234 · Adnan · Analytify
Name of the Vulnerable Software and Affected Versions: Adnan Analytify versions n/a through 5.5.0. Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions n/a through...
Security Bulletin: WebSphere network security vulnerability in IBM Content Foundation on Cloud
Summary: WebSphere network security vulnerability in IBM Content Foundation on Cloud containers. Vulnerability Details: CVEID: CVE-2020-4329. DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain...
africa.absa:inception-oauth2-resource-server (>=1.0.0 <=1.2.0), au.org.consumerdatastandards:client-cli (>=1.13.0 <=2.4.1) +1255 more potentially affected by CVE-2022-22978 via org.springframework.security:spring-security-web (>=5.5.0 <=5.5.6)
org.springframework.security:spring-security-web MAVEN version =5.5.0, =1.0.0, =1.13.0, =1.13.0, =1.0.0, =0.0.8-alpha, =0.0.1-alpha, =1.0.4.R, =1.0.4.R, =1.0.4.R, =1.0.4.R, =1.7.26, =1.3.30, =1.1.1-alpha, =1.1.1-alpha, =0.0.3-alpha, =0.0.4-alpha-5 and more Source cves: CVE-2022-22978 Source...
@accordproject/cicero-cli (>=0.13.1 <=0.13.5-20190807130647), @accordproject/cicero-core (>=0.13.1 <=0.13.5-20190807130647) +44 more potentially affected by unknown CVE via acorn (>=5.5.0 <=5.7.3)
acorn NPM version =5.5.0, =0.13.1, =0.13.1, =0.13.1, =0.13.1, =0.13.1, =0.13.8, =0.5.0, =0.0.10, =2.0.1-pr.0, =12.0.0, =1.2.2, =0.6.0, =1.1.1, =5.0.1 - @devsnicket/eunice-analyzer =0.36.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-6CHW-6FRG-F759...
Couchbase Server Cross-Site Scripting Vulnerability
Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase, which mainly supports data query, full-text search, active global replication and other functions. A cross-site scripting vulnerability exists in Couchbase Server versions 5.5.0 and...
Couchbase Server Resource Management Error Vulnerability
Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase, which mainly supports data query, full-text search, active global replication and other functions. A resource management error vulnerability exists in Couchbase Server versions 4.6.3...
Couchbase Server Authorization Issues Vulnerability (CNVD-2019-34123)
Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase, which mainly supports data query, full-text search, active global replication and other functions. An authorization issue vulnerability exists in Couchbase Server versions 6.0.0 and...
CVE-2018-6705
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions...
tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...
PT-2010-1277 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.0 through 5.5.28; Apache Tomcat versions 6.0.0 through 6.0.20. Description: The issue allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename. When deploying WAR file...