6 matches found
Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by command injection.
Summary glob-10.4.5.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-64756. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command...
EUVD-2026-35896
Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...
CVE-2025-14510
Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...
ai.driftkit:driftkit-chat-assistant-framework (>=0.5.0 <=0.8.7), ai.driftkit:driftkit-clients-spring-ai-starter (>=0.6.0 <=0.8.7) +3206 more potentially affected by CVE-2025-22228 via org.springframework.security:spring-security-crypto (>=6.3.0 <=6.3.7)
org.springframework.security:spring-security-crypto MAVEN version =6.3.0, =0.5.0, =0.6.0, =0.5.0, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.1, =cloud-0.3 and more Source cves: CVE-2025-22228 Source advisory: OSV:GHSA-MG83-C7GQ-RV5C...
com.qwlabs.doraemon:task-queue (>=0.3.0 <=0.3.37), io.apicurio:apicurio-registry-app (>=3.0.4 <=3.0.6) +94 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.3.0 <=6.4.1)
io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.3.0, =0.3.0, =3.0.4, =3.0.4, =3.0.4, =3.0.4, =0.34.0, =4.0.2, =4.0.2, =4.0.2, =3.10.0, =3.10.0, =6.3.0, =6.3.0, =6.3.0, =6.3.0, =6.4.1 and more Source cves: CVE-2025-2240 Source advisory:...
PT-2019-2137 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 6.2.3, 6.3.0, and 6.4.0 Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...