21 matches found
CVE-2025-62180
Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...
CVE-2026-2253
Hitachi Vantara Pentaho Data Integration & Analytics is affected by an XXE issue in XML parsing. Versions before 10.2.0.7 and 11.0.0.0 (including 9.3.x and 8.3.x) do not sufficiently restrict external entities, enabling potential confidentiality impact. CVSSv3.1 base score 7.7 (HIGH) with NETWORK...
CVE-2026-7568
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
Security Bulletin: IBM OpenPages fixes form-data package vulnerability
Summary: A vulnerability in the form-data package used with IBM OpenPages has been addressed in the latest IBM OpenPages fix pack version for 8.3 and 9.0 and the mod version for 9.1. Vulnerability Details: CVEID: CVE-2025-7783. DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...
CVE-2024-49783
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...
CVE-2024-49344
In IBM OpenPages with Watson 8.3 and 9.0, when the Watson Assistant chat feature is enabled, the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout...
IBM OpenPages with Watson Security Vulnerability
IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines (IBM). The platform uses AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring,...
IBM OpenPages with Watson Authorization Issue Vulnerability
IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines (IBM). The platform uses AI technology to predict risk factors and minimize risk in financial activities by integrating, automatically identifying, measuring, monitoring,...
PT-2024-26338 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0. Description: The issue allows authenticated users to access sensitive information due to improper authorization controls on APIs. Recommendations: For versions 8.3 and 9.0, consider restricti...
CVE-2024-1464
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
IBM Spectrum Virtualize Log Information Disclosure Vulnerability
IBM Spectrum Virtualize is a block storage virtualization system from International Business Machines (IBM) that improves the data value, security, and simplicity of new and existing storage infrastructures. A log information disclosure vulnerability exists in IBM Spectrum Virtualize versions...
CVE-2021-38969
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to gain unauthorized access due to the reuse of support-generated credentials. IBM X-Force ID: 212609...
ZZCMS SQL Injection Vulnerability
ZZCMS is a content management system (CMS) by the China-based Zzcms team. A security vulnerability exists in ZZCMS 8.2, 8.3, 2020, and 2021, which originates from a SQL injection when registering a regular user in dl/dlprint.php...
Unspecified Vulnerability in Oracle Enterprise Session Border Controller
Oracle Enterprise Session Border Controller (E-SBC) connects disparate Internet Protocol (IP) communications networks while mitigating security threats, resolving interoperability issues, and ensuring reliable communications. A security vulnerability exists in the File Upload component in Oracle...
GitLab Information Disclosure Vulnerability (CNVD-2020-17383)
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository, accessible through a web interface, for public and private projects. A security vulnerability exists in GitLab versions 8.3 through 12.8.1. An attacker can exploit the...
HPE enhanced Internet Usage Manager Cross-Site Scripting Vulnerability
HPE enhanced Internet Usage Manager (eIUM) is a real-time billing platform from Hewlett Packard Enterprise (HPE), USA. The platform provides features such as charge control and session management. A cross-site scripting vulnerability exists in HPE eIUM versions 8.3 and 9.0. An attacker could exploit...
CVE-2019-7476
A vulnerability in SonicWall Global Management System (GMS) allows a remote user to gain access to the appliance using an existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier...
PT-2019-10253 · Pulse Secure · Pulse Policy Secure +1
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure (PCS) versions 8.3R2 and earlier; Pulse Policy Secure (PPS) versions 5.4RX and earlier. Description: A cross-site scripting (XSS) issue was discovered in Psaldownload.cgi. This issue affects Pulse Secure products. Recommendations...
NetApp Clustered Data ONTAP Remote Code Execution Vulnerability
NetApp Clustered Data ONTAP is a storage operating system for clustered mode from the US company NetApp. It helps users improve the performance of enterprise applications and increase data center flexibility, among other things. A remote code execution vulnerability exists in NetApp Clustered...
CVE-2017-10160
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with netwo...