36 matches found
CVE-2026-10852
CVE-2026-10852 affects IBM WebSphere Application Server and IBM WebSphere Application Server Liberty via the WebSphere WebServer Plug-in. The IBM and NVD entries describe a denial-of-service vulnerability triggered by crafted requests to the web server. Affected versions include IBM WebSphere App...
CVE-2026-7870
CVE-2026-7870 affects IBM i 7.3–7.6 (5770-SS1). Root cause: an unqualified library call (CWE-427) could let a user’s code run with administrator privileges, enabling privilege escalation. Impact: allows elevated rights, with CVSSv3.1 base score 8.8 (HIGH) — attack vector: network, complexity: low...
WordPress ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Authenticated (Subscriber+) SQL Injection vulnerability
Authenticated Subscriber+ SQL Injection vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...
Fortinet FortiSIEM 跨站脚本漏洞
Fortinet FortiSIEM is a security information and event management system developed by the American company Fortinet. This system includes features such as asset discovery, workflow automation, and unified management. Versions of Fortinet FortiSIEM ranging from 7.3.0 to 7.3.4 contain a cross-site...
Mitel MiVoice MX-ONE security vulnerabilities
Mitel MiVoice MX-ONE is a comprehensive communication solution provided by the Canadian company Mitel. Versions 7.3 to 7.8 SP1 of Mitel MiVoice MX-ONE contain security vulnerabilities. These vulnerabilities stem from improper authentication mechanisms, which may allow for bypasses during...
AIX is vulnerable to potential code execution (CVE-2025-61984 CVE-2025-61985) due to OpenSSH
IBM SECURITY ADVISORY First Issued: Tue Jan 6 13:47:51 CST 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/opensshadvisory20.asc Security Bulletin: AIX is vulnerable to potential code execution CVE-2025-61984, CVE-2025-61985 due to...
Liferay Portal和Liferay DXP 跨站脚本漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
CVE-2025-62258
CSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4.3.107, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to execute any Headless API via the endpoint parameter...
PT-2025-43827
Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.3.0...
CVE-2024-48891
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...
PT-2025-4861 · Ibm · Ibm Tivoli Application Dependency Discovery Manager
Name of the Vulnerable Software and Affected Versions: IBM Tivoli Application Dependency Discovery Manager versions 7.3.0.0 through 7.3.0.11 Description: This issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and...
IBM i 安全漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.3, 7.4, and 7.5 that originates from an easy bypass of the Navigator for i interface restrictions, which can be...
IBM AIX 操作系统命令注入漏洞
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. An operating system command injection vulnerability exists in IBM AIX versions 7.2 and 7.3, which stems from improper neutralization of user input. An attacker...
WordPress plugin Ultimate Membership Pro 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the host...
IBM i 权限许可和访问控制问题漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A privilege permission and access control issue vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5, which stems from insufficient privilege management and ca...
IBM i Security Vulnerabilities
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the...
IBM i 安全漏洞
IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5, which can be exploited by an attacker to elevate privileges and gain root access to the host...
IBM Navigator for i SQL注入漏洞
IBM Navigator for i is a console interface used in IBMi by International Business Machines IBM to perform and manage critical tasks in IBMi. IBM Navigator for i is vulnerable to SQL injection in versions 7.3, 7.4, and 7.5. The vulnerability stems from the application's lack of validation of...
PT-2022-10884 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.3 through 7.5 Description: The issue allows for local privilege escalation. If combined with other unknown vulnerabilities, it could potentially lead to privilege escalation. Recommendations: For versions 7.3 throug...