CVE-2025-46363

Dell Secure Connect Gateway SCG 5.0 Application and Appliance versions 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API if this REST API is enabled by Admin user from UI. A low privileged attacker with remote...

DEBIAN-CVE-2024-52947

A cross-site scripting XSS vulnerability in LemonLDAP::NG before 2.20.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter of the upgrade session confirmation page upgradeSession / forceUpgrade if the "Upgrade session" plugin has been enabled by an admin...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from a malicious user being able to upload a manipulated SVG file with a referenced path after an...

CVE-2023-6680

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication...

Visual Studio 2022 Security Update (17.14.26)

This security update applies to all editions of Visual Studio 2022, and will update client machines on the Current channel to version 17.14.26. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the upda...