Kiteworks cross-site scripting vulnerabilities

Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.3.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from reflective cross-site scripting, which could allow external attackers...

Kibana 9.3.3 Security Update (ESA-2026-28)

Server-Side Request Forgery SSRF in Kibana One Workflow Leading to Information Disclosure Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in...

CLEANSTART-2026-EW93264 Security fixes for GHSA-4CX2-FC23-5WG6, GHSA-6XW4-3V39-52MM, GHSA-72QJ-48G4-5XGX, GHSA-MR3Q-G2MV-MR4Q, GHSA-P543-XPFM-54CP, GHSA-VC5P-V9HR-52MJ, GHSA-VQG5-3255-V292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2

Multiple security vulnerabilities affect the logstash-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2025-9121 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-984893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984893 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and...

mysql: Encryption unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

mysql: DDL unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2025-50068

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Cluster execute...

PT-2024-8175 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions 9.3.0 through 10.0.16 Description: The issue is related to incorrect access control in the GLPI system, which can be exploited by a remote attacker to gain unauthorized access to an account through the API. An authenticated user...

GLSA-202210-25 : ISC BIND: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-25 ISC BIND: Multiple Vulnerabilities - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1...

Dell Technologies Dell PowerScale OneFS 授权问题漏洞

Dell PowerScale OneFS is an operating system from Dell Technologies, USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. An authentication bypass vulnerability exists in Dell EMC PowerScale OneFS versions 8.2.2-9.3.0.x. A remote attacker could exploit this vulnerabilit...