28 matches found
Dell Unisphere for PowerMax vApp 授权问题漏洞
Dell Unisphere for PowerMax vApp is a virtualization management solution developed by the American company Dell. Versions of Dell Unisphere for PowerMax vApp prior to 10.0.0.2 had an authorization-related vulnerability. This vulnerability stemmed from an attempt to bypass authorization...
GLPI SQL注入漏洞
GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases for managing various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...
PT-2026-22324
Name of the Vulnerable Software and Affected Versions Johnson Controls Frick Controls Quantum HD versions prior to 10.22 Description A flaw exists in Johnson Controls Frick Controls Quantum HD that allows for the execution of code remotely without authentication. This is due to insufficient...
CVE-2025-9121
Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...
EUVD-2025-202435
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
MailEnable 代码问题漏洞
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
CVE-2025-46428
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
Dnn.Platform 跨站脚本漏洞
Dnn.Platform is an open source web content management platform CMS open sourced by Dnn Software. A cross-site scripting vulnerability exists in Dnn.Platform versions prior to 10.0.1, which stems from a specially crafted request injection script that could lead to a cross-site scripting attack...
Publify 安全漏洞
Publify is a simple but full-featured web publishing software from Publify Open Source. A security vulnerability exists in Publify versions prior to 10.0.1, which stems from a possible cross-site scripting attack against administrators via the redirection feature...
UBUNTU-CVE-2025-23024
GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the install/update.php file...
PT-2025-1739 · WordPress · Wp Travel
Name of the Vulnerable Software and Affected Versions: WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin for WordPress versions prior to 10.0.1 Description: The issue is related to SQL Injection via the booking itinerary parameter of the wptravel get booking data function...
WordPress Plugin Information Reel SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Veritas Technologies Veritas NetBackup 代码问题漏洞
Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A code issue vulnerability exists in Veritas Technologies Veritas NetBackup versions prior to 10.0, which stems from a flaw in the way DLL paths are verified prior...
CVE-2022-38123
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...
GLPI 跨站脚本漏洞
GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
Opencast 授权问题漏洞
Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. An authorization issue vulnerability exists in Opencast prior to version 10.14 and prior to version 11.7, which stems from the fact that a user can pass i...
CVE-2021-27460
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to th...
LumisXP 代码问题漏洞
LumisXP is an application from the Portuguese company LumisXP. It provides a platform for managing customers. A security vulnerability exists in LumisXP versions prior to 10.0.0 that allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. An attack that exploits this...
Apple macOS Catalina Wi-Fi component memory corruption vulnerability (CNVD-2020-32218)
Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers.Wi-Fi is one of the wireless Internet components. A memory corruption vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5, which can be exploited by an attack...
CVE-2020-12875
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application...