69 matches found
CVE-2026-6914
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...
Astra Linux - vulnerability in php8.1
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, and 8.3.* before 8.3.12, when using PHP-FPM SAPI and the option catch_workers_output is set to yes, it is possible to manipulate the log messages by removing up to 4 characters from the log messages. Additionally, if PHP-FPM is configured to us...
CVE-2026-29014
CVE-2026-29014 affects MetInfo CMS versions 7.9, 8.0, and 8.1 with an unauthenticated PHP code injection that enables remote code execution. The vulnerability arises from insufficient input neutralization in the execution path, allowing remote attackers to send crafted requests containing PHP cod...
Security Bulletin: IBM Storage Protect Operations Center is affected by a vulnerability in IBM WebSphere Application Server Liberty that could allow a security configuration attack (CVE-2025-12635).
Summary IBM Spectrum Protect Operations Center uses IBM WebSphere Application Server Liberty in certain components; a vulnerability in Liberty may allow a security configuration attack that could impact the security of the affected environment under specific conditions. Vulnerability Details...
Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36732)
Summary IBM WebSphere Application Server Liberty is vulnerable to DoS by sending a specially-crafted request attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 fo...
EUVD-2023-36357
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3824
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length...
Linux Distros Unpatched Vulnerability : CVE-2025-1734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers...
BIT-LIBPHP-2024-8929 Leak partial content of the heap through heap buffer over-read in mysqlnd
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server...
Linux Distros Unpatched Vulnerability : CVE-2025-1220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions: 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen lack validation that the hostname...
CVE-2023-0450
An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users...
CVE-2023-32089
Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description...
PT-2025-1782 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.1 to Infinity 24.2.0 Description: The issue is related to a Stored XSS problem with the profile. Recommendations: For Pega Platform versions 8.1 to Infinity 24.2.0, update to a version newer than Infinity 24.2.0 to...
CVE-2024-10716
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search...
PHP security vulnerability
PHP is a server-side scripting language. PHP has a security vulnerability. An attacker exploiting this vulnerability could cause a buffer over-read of one byte, which could result in a crash or leak the contents of other memory areas. The following versions are affected:...
CVE-2024-8929 Leak partial content of the heap through heap buffer over-read in mysqlnd
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server...
Google Android security vulnerability
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Google Android versions 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit this...
Google Android security vulnerability
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit this...
PT-2024-8873
Name of the Vulnerable Software and Affected Versions: PHP versions 8.1.* before 8.1.31, PHP versions 8.2.* before 8.2.26, PHP versions 8.3.* before 8.3.14. Description: The issue is related to an error in the convert.quoted-printable-decode filter, which can lead to a buffer overread by one byte. This...