139 matches found

Positive Technologies
added 2 days ago, 8 views

PT-2026-45260

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mod...

CVSS 9.1 | AI score 5.9 | EPSS 0.00074
Exploits: 0 | References: 2
CVE
added 2026/05/13 12:19 a.m., 33 views

CVE-2026-8202

CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...

CVSS 6.5 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 1 | Affected Software: 1
vulnersOsv
added 2026/04/30 5:25 p.m., 2 views

a-mailx (=0.1.0), aaa-ml-datasets-course (=1.0.0) +105 more potentially affected by CVE-2026-40171 via notebook (>=7.0.0 <=7.5.5)

notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =0.1.0, =1.6.4, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.1.8, =0.0.2, =0.0.6 - compare-my-stocks =1.0.5 and more Source cves: CVE-2026-40171 Source advisory: SNYK:PYTHON-NOTEBOOK-16347195...

CVSS 8.4 | AI score 5.8 | EPSS 0.00054
Exploits: 0
Positive Technologies
added 2026/04/21 12:0 a.m., 2 views

PT-2026-34042

Name of the Vulnerable Software and Affected Versions: Spring Spring Security versions 6.4.0 through 6.4.15; Spring Spring Security versions 6.5.0 through 6.5.9; Spring Spring Security versions 7.0.0 through 7.0.4. Description: Applications that explicitly configure One-Time Token login using...

CVSS 4.8 | AI score 5.8 | EPSS 0.00048
Exploits: 0 | References: 5
OSV
added 2026/03/30 4:16 p.m., 0 views

UBUNTU-CVE-2026-5170

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

CVSS 6 | AI score 5.8 | EPSS 0.00049
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/09 10:5 a.m., 4 views

CVE-2019-20778

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 June 2019...

CVSS 9.8 | AI score 7.2 | EPSS 0.00147
Exploits: 0 | References: 1
Cvelist
added 2025/12/09 5:18 p.m., 15 views

CVE-2025-64153

An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized...

CVSS 7.2 | EPSS 0.00102
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-50130

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWeb versions 8.0.0 through 8.0.1; Fortinet FortiWeb versions 7.6.0 through 7.6.5; Fortinet FortiWeb versions 7.4.0 through 7.4.10; Fortinet FortiWeb versions 7.2.0 through 7.2.11; Fortinet FortiWeb versions 7.0.0 through 7.0.11...

CVSS 7.5 | AI score 6.7 | EPSS 0.00073
Exploits: 0 | References: 4
CNNVD
added 2025/11/25 12:0 a.m., 1 views

MongoDB Server security vulnerability

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v7.0 up to and including version 7.0.26...

CVSS 6.5 | AI score 6.2 | EPSS 0.00049
Exploits: 0 | References: 3
RedhatCVE
added 2025/11/19 5:20 p.m., 4 views

CVE-2025-54972

An improper neutralization of crlf sequences 'crlf injection' vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail 7.2 all versions, FortiMail 7.0 all versions may allow an attacker to inject headers in the response via convincing a user to click on a...

CVSS 4.3 | AI score 6.8 | EPSS 0.00027
Exploits: 0 | References: 1
CVE
added 2025/11/18 5:1 p.m., 29 views

CVE-2025-53843

CVE-2025-53843 describes a stack-based buffer overflow in Fortinet FortiOS that affects FortiOS 6.4 and 7.x series (notably 7.6.0–7.6.3, 7.4.0–7.4.8, and all 7.2/7.0). The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted packets, with network access ...

CVSS 7.5 | AI score 7.3 | EPSS 0.00008
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2025/11/18 5:1 p.m., 6 views

CVE-2025-54971

The CVE-2025-54971 entry applies to Fortinet FortiADC: versions 6.2 and 7.0–7.2, and 7.4.0. The issue stems from information exposure that allows an admin with read-only privileges to obtain external resources passwords via the product logs, constituting a sensitive data disclosure vulnerability....

CVSS 6.5 | AI score 6.2 | EPSS 0.00048
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2025/11/18 12:0 a.m., 2 views

PT-2025-47364

Name of the Vulnerable Software and Affected Versions: FortiWeb versions 7.0 through 7.6.0; FortiWeb version 7.4; FortiWeb version 7.2. Description: A hard-coded credentials issue exists in FortiWeb that could allow an authenticated attacker with shell access to the device to connect to the redis...

CVSS 5.3 | AI score 6.2 | EPSS 0.00017
Exploits: 0 | References: 4
CNNVD
added 2025/11/18 12:0 a.m., 1 views

Fortinet FortiMail injection vulnerability

Fortinet FortiMail is a suite of e-mail security gateway products from the U.S. company Fiat Fortinet. The product provides email security and data protection features. An injection vulnerability exists in Fortinet FortiMail that stems from improper CRLF sequence neutralization, which could resul...

CVSS 4.3 | AI score 7.1 | EPSS 0.00027
Exploits: 0 | References: 2
CNNVD
added 2025/10/14 12:0 a.m., 1 views

Fortinet FortiClientWindows code issue vulnerability

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A code issue vulnerability exists ...

CVSS 7.3 | AI score 7 | EPSS 0.00019
Exploits: 0 | References: 3
Positive Technologies
added 2025/10/14 12:0 a.m., 2 views

PT-2025-41963

Name of the Vulnerable Software and Affected Versions: FortiClientMac versions 7.0 through 7.2.11; FortiClientMac versions 7.4.0 through 7.4.3. Description: An incorrect permission assignment for a critical resource may allow a local attacker to run arbitrary code or commands via LaunchDaemon...

CVSS 7.8 | AI score 7.2 | EPSS 0.00021
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-1032

Malware in sbrugna...

CVSS 9.3 | AI score 7.9 | EPSS 0.00315
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2017-1130

Malware in sbrugna...

CVSS 5.5 | AI score 6 | EPSS 0.00051
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-4705

Malware in sbrugna...

CVSS 9.1 | AI score 9.3 | EPSS 0.00122
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-4800

Malware in sbrugna...

CVSS 10 | AI score 9.5 | EPSS 0.00927
Exploits: 0 | References: 3