11 matches found
CVE-2019-18643
Rock RMS versions before 8.10 and versions 9.0 through 9.3 fail to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to uplo...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-6051.
Summary: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-6051. This bulletin contains information addressing the vulnerability. Vulnerability Details: CVEID: CVE-2025-6051 DESCRIPTION: A Regular Expression Denial of Service...
EUVD-2022-15625
Malicious code in bioql PyPI...
PT-2024-19341 · IBM · IBM Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.10 through 8.11 Description: The issue allows a remote attacker to traverse directories on the system by sending a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary fil...
com.farcsal.dql:query-es (=0.8.0), com.github.msarhan:elasticsearch-analysis-arabic (>=1.2.0 <=1.4.0) +10 more potentially affected by CVE-2024-23451 via org.elasticsearch:elasticsearch (>=8.10.0 <=8.12.2)
org.elasticsearch:elasticsearch MAVEN version =8.10.0, =1.2.0, =0.83.0, =7.23.0, =8.10.0.0, =8.10.0.0, =8.10.0.0, =8.10.0.0, =8.10.0, =8.10.0, =8.10.4, =8.12.2 Source cves: CVE-2024-23451 Source advisory: OSV:GHSA-R3HX-QFH5-R9M7...
PT-2024-13074 · IBM · IBM Maximo Application Suite - Maximo Mobile for EAM
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite - Maximo Mobile for EAM versions 8.10 through 8.11 Description: The issue could disclose sensitive information to a local user. Recommendations: For versions 8.10 through 8.11, at the moment, there is no informati...
IBM Maximo Application Suite Log Information Disclosure Vulnerability
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A log information disclosure vulnerability exists in IBM Maximo Application Suite versions 8.10 and 8.11...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL Injection Vulnerability
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
PT-2022-13210 · GitLab · GitLab CE/EE +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.10 and later Description: An issue has been discovered in GitLab CE/EE where it is possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes. Recommendations: For GitLab CE/EE...
GitLab Code Issue Vulnerability (CNVD-2020-20423)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A code issue vulnerability exists in the project import...
Unspecified Vulnerability in Oracle Hospitality WebSuite8 Cloud Service Component
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle. The solution provides human resources cost management, provide customer service throughout the journey tracking management to improve customer satisfaction,...