Lucene search

16 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-27511

Malicious code in bioql PyPI...

5.9 CVSS, 6 AI score, 0.0024 EPSS
Exploits 0, References 2
RedhatCVE
added 2025/09/25 2:53 a.m., 0 views

CVE-2025-26399

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...

9.8 CVSS, 8.4 AI score, 0.79939 EPSS
Exploits 1, References 1
NVD
added 2025/09/23 5:15 a.m., 2 views

CVE-2025-26399

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...

9.8 CVSS, 0.26749 EPSS
Exploits 1, References 4
Vulnrichment
added 2025/09/23 5:7 a.m., 1 views

CVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation Vulnerability

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...

9.8 CVSS, 8 AI score, 0.26749 EPSS
Exploits 1, References 2
CNNVD
added 2025/09/23 12:0 a.m., 2 views

SolarWinds Web Help Desk Code Issue Vulnerability

SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A code issue vulnerability exists in SolarWinds Web Help Desk that stems...

9.8 CVSS, 8 AI score, 0.26749 EPSS
Exploits 1, References 2
Zero Day Initiative
added 2025/09/23 12:0 a.m., 4 views

SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AjaxProxy class. The issue results from the lack of proper validation of...

9.8 CVSS, 7.7 AI score, 0.26749 EPSS
Exploits 1, References 1
IBM Security Bulletins
added 2022/10/07 4:29 p.m., 14 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-22365)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-22365 DESCRIPTION: IBM WebSphere Application...

5.9 CVSS, 5.4 AI score, 0.0024 EPSS
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/06/01 10:7 a.m., 10 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to Spoofing (CVE-2022-22365)

Summary IBM WebSphere Application Server is vulnerable to spoofing when the Ajax Proxy Web Application AjaxProxy.war is deployed. This has been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products...

5.9 CVSS, 2.6 AI score, 0.0024 EPSS
Exploits 0, Affected Software 1
CNVD
added 2022/05/24 12:0 a.m., 27 views

Unspecified Vulnerability in IBM WebSphere Application Server

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere Application Server...

5.9 CVSS, 5.8 AI score, 0.0024 EPSS
Exploits 0, References 1
OSV
added 2022/05/20 5:15 p.m., 0 views

CVE-2022-22365

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application AjaxProxy.war deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904...

5.9 CVSS, 6.8 AI score
Exploits 0, References 2
Prion
added 2022/05/20 5:15 p.m., 11 views

Spoofing

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application AjaxProxy.war deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904...

4.3 CVSS, 5.5 AI score, 0.0024 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2022/05/20 4:20 p.m., 9 views

CVE-2022-22365

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application AjaxProxy.war deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904...

5.6 CVSS, 5.5 AI score, 0.0024 EPSS
Exploits 0, References 2
CVE
added 2022/05/20 4:20 p.m., 116 views

CVE-2022-22365

Summary of CVE-2022-22365 (IBM WebSphere Application Server): IBM WebSphere Application Server versions 7.0, 8.0, 8.5, and 9.0 (Ajax Proxy Web Application, AjaxProxy.war deployed) are vulnerable to spoofing where a MITM attacker can spoof SSL server hostnames. Impact is spoofing and potential cr...

5.9 CVSS, 5.5 AI score, 0.0024 EPSS
Exploits 0, References 2, Affected Software 1
CNNVD
added 2022/05/20 12:0 a.m., 0 views

IBM WebSphere Application Server Security Vulnerability

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere Application Server...

5.9 CVSS, 5.6 AI score, 0.0024 EPSS
Exploits 0, References 6
ATTACKERKB
added 2022/05/19 12:0 a.m., 4 views

CVE-2022-22365

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application AjaxProxy.war deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904...

5.9 CVSS, 6.5 AI score, 0.0024 EPSS
Exploits 0, References 3, Affected Software 1
CNVD
added 2015/03/13 12:0 a.m., 2 views

WoltLab Community Gallery Cross-Site Scripting Vulnerability

WoltLab Community Gallery is a set of community photo gallery applications for sharing images and experiences in the community by WoltLab Germany. A cross-site scripting vulnerability exists in version 2.0 of WoltLab Community Gallery prior to 2014-12-26, which stems from a failure of the...

4.3 CVSS, 6.1 AI score, 0.13963 EPSS
Exploits 4, References 1