
27 matches found

RedhatCVE
added 2026/03/26 11:3 p.m. · 2 views

CVE-2026-2414

Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation. This issue affects Server: from 9.5.2 before 10.7.2...

8.6 CVSS · 5.8 AI score · 0.00065 EPSS
Exploits: 0 · References: 1

CNNVD
added 2026/03/10 12:0 a.m. · 3 views

Parse Server Security Vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. Versions of Parse Server prior to 9.5.2-alpha.12 and 8.6.25 contain security vulnerabilities. These vulnerabilities stem from the ability to read, modify, and delete...

9.1 CVSS · 5.8 AI score · 0.00106 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2026/01/20 12:0 a.m. · 3 views

PT-2026-3702

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 9.0.0 through 9.5.0 Description An issue exists in the MySQL Server component of Oracle MySQL Server: Parser that allows a high-privileged attacker with network access to compromise the server. Successful exploitation can...

6.8 CVSS · 6.9 AI score · 0.00063 EPSS
Exploits: 0 · References: 10

Positive Technologies
added 2025/10/31 12:0 a.m. · 3 views

PT-2025-44636

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions through 9.5.0 Description The software contains a heap buffer overflow issue within the vtkGLTFDocumentLoader. This occurs when processing specifically designed GLTF files, where the copy constructor ...

7.1 CVSS · 7.1 AI score · 0.00022 EPSS
Exploits: 1 · References: 6

RedhatCVE
added 2025/09/27 8:44 a.m. · 2 views

CVE-2025-60100

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in 8theme XStore xstore allows Code Injection. This issue affects XStore: from n/a through 9.6...

5.3 CVSS · 5.9 AI score · 0.00047 EPSS
Exploits: 0 · References: 1

Tenable Nessus
added 2025/09/10 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-23046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a Mail servers authentication provider is...

7.5 CVSS · 5 AI score · 0.00047 EPSS
Exploits: 0 · References: 2

SUSE CVE
added 2025/02/14 4:2 a.m. · 3 views

SUSE CVE-2024-54682

Mattermost versions 10.1.x = 10.1.2, 10.0.x = 10.0.2, 9.11.x = 9.11.4, 9.5.x = 9.5.12 fail to limit the file size for slack import file uploads which allows a user to cause a DoS via zip bomb by importing data in a team they are a team admin...

4.9 CVSS · 6.5 AI score · 0.00197 EPSS
Exploits: 0 · References: 3

CNNVD
added 2024/08/22 12:0 a.m. · 4 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.9.x through 9.9.1, 9.5.x through 9.5.7, 9.10.x through 9.10.0, and 9.8.x through 9.8.2, which stems from a failure to restrict inputs in the...

5.3 CVSS · 6.4 AI score · 0.00275 EPSS
Exploits: 0 · References: 2

CNNVD
added 2024/07/02 12:0 a.m. · 2 views

OpenSSH Security Vulnerabilities

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

7.5 CVSS · 6.9 AI score · 0.02949 EPSS
Exploits: 0 · References: 6

CNNVD
added 2023/04/26 12:0 a.m. · 3 views

HCL Technologies Workload Automation Code Issue Vulnerability

HCL Technologies Workload Automation is a workload automation software from HCL Technologies India. It refers to the use of software to schedule, manage and execute various business tasks and processes with minimal human intervention. A security vulnerability exists in HCL Technologies Workload...

8.1 CVSS · 7.7 AI score · 0.00515 EPSS
Exploits: 0 · References: 2

SUSE CVE
added 2023/02/15 5:41 a.m. · 2 views

SUSE CVE-2013-0626

Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610...

10 CVSS · 8.2 AI score · 0.07438 EPSS
Exploits: 1 · References: 5

OSV
added 2022/08/27 12:0 a.m. · 1 views

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

7.5 CVSS · 5.9 AI score · 0.93942 EPSS
Exploits: 5 · References: 6

OSV
added 2022/08/10 5:15 p.m. · 0 views

CVE-2022-22369

IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwrite key system files which would cause the system to crash. IBM X-Force ID: 221187...

7.1 CVSS · 5.8 AI score
Exploits: 0 · References: 2

OSV
added 2021/11/15 4:15 p.m. · 2 views

CVE-2021-41765

A SQL injection issue in pages/editfields/9ajax/addkeyword.php of ResourceSpace 9.5 and 9.6 rev 18274 allows remote unauthenticated attackers to execute arbitrary SQL commands via the k parameter. This allows attackers to uncover the full contents of the ResourceSpace database, including user...

9.8 CVSS · 6.2 AI score · 0.29564 EPSS
Exploits: 1 · References: 2

CNVD
added 2020/11/06 12:0 a.m. · 3 views

HCL Technologies Digital Experience Cross-Site Scripting Vulnerability

HCL Technologies Digital Experience is a suite of digital experience platforms, content delivery solutions from HCL Technologies India. HCL Digital Experience versions 8.5, 9.0, 9.5 have a cross-site scripting vulnerability where a sub-component is susceptible to an XSS attack where in the...

6.1 CVSS · 5.7 AI score · 0.00359 EPSS
Exploits: 0 · References: 1

OSV
added 2020/10/08 7:28 p.m. · 2 views

GHSA-X56P-C8CG-Q435 Open Redirect in Next.js versions

Impact - Affected: Users of Next.js between 9.5.0 and 9.5.3 - Not affected: Deployments on Vercel https://vercel.com are not affected - Not affected: Deployments using next export We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. Patches...

4.7 CVSS · 6.4 AI score · 0.00211 EPSS
Exploits: 0 · References: 4

Positive Technologies
added 2020/03/27 12:0 a.m. · 3 views

PT-2020-10293 · Intland · Codebeamer Alm

Name of the Vulnerable Software and Affected Versions: Intland codeBeamer ALM versions 9.5 and earlier Description: The issue is related to stored XSS via the Trackers Title parameter. This allows for malicious code to be stored and executed when a user views the affected page. There is no...

4.8 CVSS · 4.9 AI score · 0.00323 EPSS
Exploits: 2 · References: 6

OSV
added 2018/06/04 5:29 p.m. · 2 views

CVE-2018-1600

IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745...

7.5 CVSS · 5.8 AI score · 0.00091 EPSS
Exploits: 0 · References: 2

CNVD
added 2018/04/28 12:0 a.m. · 1 views

IBM BigFix Platform Cross-Site Request Forgery Vulnerability

IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A cross-site request forgery vulnerability exists in the BigFix Relay Diagnostic page in IBM BigFix Platform versions 9.2 and 9.5. A remote attacker could exploit the...

8.8 CVSS · 6.8 AI score · 0.00131 EPSS
Exploits: 0 · References: 1

OSV
added 2018/04/27 3:29 p.m. · 2 views

CVE-2018-1475

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 140756...

9.8 CVSS · 5.8 AI score · 0.00365 EPSS
Exploits: 0 · References: 2