Linux Distros Unpatched Vulnerability : CVE-2026-39864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of- bounds read in the auth module of Kamailio formerly...

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.112.0) +8095 more potentially affected by CVE-2025-41234 via org.springframework:spring-web (>=6.0.5 <=6.1.20)

org.springframework:spring-web MAVEN version =6.0.5, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.1.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.8.7 and more Source cves: CVE-2025-41234 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-10345766...

CVE-2025-41234

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download RFD attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input...

WordPress plugin Course Booking System 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

IBM Publishing Engine Cross-Site Scripting Vulnerability

IBM Publishing Engine is a U.S. IBM automated document generation solution. The program can generate Rational product documentation , but also supports the choice of other vendors to generate documentation for the application . A cross-site scripting vulnerability exists in IBM Publishing Engine...

CVE-2018-1657

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID:...

IBM Rational Publishing Engine Cross-Site Scripting Vulnerability (CNVD-2018-21188 )

IBM Rational Publishing Engine is a set of document automation solutions from IBM. The program can generate Rational product documentation , but also supports the choice of other vendors to generate documentation for the application . A cross-site scripting vulnerability exists in IBM Rational...

CVE-2017-1306

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...