CVE-2026-46905

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

CLEANSTART-2026-TK12973 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 9.2.8-r0, 9.2.8-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

Linux Distros Unpatched Vulnerability : CVE-2026-26064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal...

CVE-2025-36351

IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in the REST API interface and perform unauthorized actions...

CVE-2021-35601

Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack product of Oracle PeopleSoft component: Students Administration. Supported versions that are affected are 9.0 and 9.2. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segmen...

CVE-2025-30714

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

CVE-2023-50310

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval...

CVE-2024-40681

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager...

VulnCheck KEV: CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

CVE-2022-22489

IBM MQ 8.0, 9.0, 9.1, 9.2 LTS, and 9.1 and 9.2 CD are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339...

CVE-2022-31237

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure...

DELL EMC PowerScale 安全漏洞

Dell EMC PowerScale OneFS is an API-driven file system. an information disclosure vulnerability exists in Dell EMC PowerScale OneFS versions 8.2.-9.2.. The vulnerability stems from improper handling of exception conditions. An attacker could use the vulnerability to obtain information out of...

CVE-2021-29707

IBM HMC Hardware Management Console V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879...

SAP Business One Information Disclosure Vulnerability

SAP Business One is a business management software for small businesses. The software includes features such as financial management, customer relationship management and human resource management. A security vulnerability exists in SAP Business One versions 9.2 and 9.3. An attacker could exploit...

CVE-2018-2425

Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted...

CVE-2018-1600

IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745...

IBM BigFix Platform Cross-Site Request Forgery Vulnerability

IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A cross-site request forgery vulnerability exists in the BigFix Relay Diagnostic page in IBM BigFix Platform versions 9.2 and 9.5. A remote attacker could exploit the...

CVE-2018-1475

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 140756...

GitLab Cross-Site Scripting Vulnerability (CNVD-2018-08692)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A cross-site scripting vulnerability exists in GitLab CE and EE versions 9.2 through 10.4. The...