25 matches found
Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...
DotNetNuke 9.2 - 9.2.2 - Weak Encryption & Cookie Deserialization
DNN DotNetNuke versions 9.2 through 9.2.2 use a weak encryption algorithm to protect input parameters because of an incomplete fix for CVE-2018-15811. This cryptographic weakness enables attackers to craft malicious DNNPersonalization cookies that can be deserialized, leading to remote code...
Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus one CVE
Summary IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus one CVE. CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918 Vulnerability Details Refer to the...
CVE-2025-53692
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cross-Site Scripting (XSS). This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience...
CVE-2025-53692
The CVE-2025-53692 entry describes an XSS vulnerability in Sitecore Experience Manager (XM) and Experience Platform (XP). Affected versions are XM 9.2–10.4 and XP 9.2–10.4. The underlying issue is Improper Neutralization of Input During Web Page Generation in the web page generation path, enablin...
CVE-2025-53694
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP). This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4...
AZL-62182 CVE-2025-30721 affecting package mysql for versions less than 8.0.42-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...
UBUNTU-CVE-2024-56195
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
PT-2023-32102 · WordPress · Message Ticker Plugin
Name of the Vulnerable Software and Affected Versions: Message ticker plugin for WordPress versions up to, and including, 9.2 Description: The issue arises from insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query, allowing authenticate...
Aruba Networks EdgeConnect Enterprise Orchestrator SQL Injection Vulnerability
Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...
Hitachi Pentaho Business Analytics Path Traversal Vulnerability
Hitachi Pentaho Business Analytics is a business analytics platform from Hitachi, Japan, Inc. for securely accessing, integrating, manipulating, visualizing and analyzing big data assets. A security vulnerability exists in Hitachi Pentaho Business Analytics version 9.2.0.2 prior to version 9.2 an...
Dell PowerScale OneFS Security Vulnerability
Dell PowerScale OneFS is an operating system from Dell USA that provides horizontal scaling of NAS. An information disclosure vulnerability exists in Dell PowerScale OneFS versions 8.2.x through 9.2.x that originates from an error message containing sensitive...
CVE-2021-35601
Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack product of Oracle PeopleSoft component: Students Administration. Supported versions that are affected are 9.0 and 9.2. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segmen...
PT-2021-22464 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.2 through 9.5.5 Description: The issue concerns the disclosure of GLPI and server information through the telemetry endpoint. This problem is fixed in version 9.5.6. Recommendations: For versions 9.2 through 9.5.5, as a...
CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to...
PT-2019-16870 · Ibm · Ibm Bigfix Platform
Name of the Vulnerable Software and Affected Versions: IBM BigFix Platform versions 9.2 through 9.5 Description: The issue allows a low-privilege user to manipulate the UI, exposing interface elements and information normally restricted to administrators. Recommendations: For versions 9.2 through...
IBM BigFix Platform Information Disclosure Vulnerability (CNVD-2018-25405)
IBM BigFix Platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. An information disclosure vulnerability exists in IBM BigFix Platform versions 9.5 through 9.5.9 and 9.2 through 9.2.14, which can be exploited by an attacker to gain...
GHSA-VGG8-72F2-QM23 Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
In Eclipse Jetty, versions 9.2.x and older, 9.3.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined...