CVE-2026-8835

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

CVE-2026-8834

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

Astra Linux - уязвимость в postgresql-11

schemaelement defeats protective measures for search paths; It was discovered that certain database calls in PostgreSQL could allow an authenticated attacker with elevated database-level privileges to execute arbitrary code...

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 11.9 to 11.12.4Update1, 12.0 to 12.11.7, and 2025.1 to 2026.1.1 of WatchGuard Fireware OS. These vulnerabilities stem from out-of-bound writing, allowing...

CVE-2025-64156

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7, FortiVoice 6.4 all versions, FortiVoice 6.0 all versions may allow an authenticated privileged attacker to execute...

CVE-2025-12026

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including...

PT-2025-49166

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11.2 Description A stack-based buffer overflow exists in the certificate request command of WatchGuard Fireware OS. An authenticated...

PT-2025-49156

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description An out-of-bounds write issue exists in the Command Line Interface CLI...

EUVD-2025-29862

Malicious code in bioql PyPI...

CVE-2025-48395

An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version of NMC G2 which is available on the Eaton download center...

CVE-2025-48395

CVE-2025-48395 affects Eaton NMC G2. The issue allows an attacker with authenticated privileged access to modify the contents of a non-sensitive file by traversing a path in the CLI’s limited shell. Root cause: path traversal in the restricted CLI shell. Impact is limited to file contents modific...

PT-2025-34290 · Aveva · Ie Integrator

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability, if exploited, could allow an authenticated attacker with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional...

CVE-2025-27759

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code o...

CVE-2025-33023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...

CVE-2025-40746

A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.2. Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT...

CVE-2024-33253

Cross-site scripting XSS vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function...

CVE-2023-50955

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777...

IBM InfoSphere Information Server Security Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server version 11.7 that originate...

CVE-2023-4162

A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command. This could allow an authenticated privileged user local user to crash a Brocade Fabric OS swith using the cli “passwdcfg --set -expire -minDiff“...

Snow Software Snow License Manager Cross-Site Scripting Vulnerability

Snow Software Snow License Manager SLM is the central hub of the Snow Software Asset Management platform from Snow Software, Sweden. A cross-site scripting vulnerability exists in Snow Software Snow License Manager versions 8.0.0 through 9.30.1, which originates from a cross-site scripting attack...