23 matches found
CVE-2026-25231
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory can be accessed directly by any user who knows or...
CVE-2025-13003
Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc. AxOnboard allows Exploitation of Trusted Identifiers. This issue affects AxOnboard: from 3.2.0 before 3.3.0...
EUVD-2025-202682
Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc. AxOnboard allows Exploitation of Trusted Identifiers. This issue affects AxOnboard: from 3.2.0 before 3.3.0...
CVE-2025-58158 Harness Affected by Arbitrary File Write in Gitness LFS server
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, the Open Source Harness git LFS server Gitness exposes an API to retrieve and upload files via git LFS. Implementation ...
Harness security vulnerability
Harness is a development platform open-sourced by Harness. A security vulnerability exists in Harness versions prior to 3.3.0, which stems from an improperly cleaned upload path that could lead to arbitrary file writes...
Medium Strength Cipher Suites detected on ports 9000 and 8036
Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on ports 9000 and 8036. Those ports are internal ports...
PT-2023-7890 · Sap · Sap Btp Security Services Integration Library
Name of the Vulnerable Software and Affected Versions: SAP BTP Security Services Integration Library versions below 2.17.0; SAP BTP Security Services Integration Library versions from 3.0.0 to before 3.3.0. Description: The issue is related to insecure privilege management in the SAP BTP Security...
PT-2023-32400 · Pkp · Pkp-Lib
Name of the Vulnerable Software and Affected Versions: pkp/pkp-lib versions prior to 3.3.0-16. Description: The issue is related to Cross-Site Request Forgery (CSRF) in the GitHub repository pkp/pkp-lib. Recommendations: For versions prior to 3.3.0-16, update to version 3.3.0-16 or later to resolve...
PT-2023-32407 · Pkp · Pkp-Lib
Name of the Vulnerable Software and Affected Versions: pkp/pkp-lib versions prior to 3.3.0-16. Description: The issue is related to Cross-Site Request Forgery. Recommendations: For versions prior to 3.3.0-16, update to version 3.3.0-16 or later to resolve the issue...
PT-2023-32410 · Public Knowledge · Pkp-Lib
Name of the Vulnerable Software and Affected Versions: pkp-lib versions prior to 3.3.0-16. Description: The issue is related to Cross-site Scripting (XSS) - Stored, which occurs when an application stores user input without proper validation, allowing attackers to inject malicious scripts. This can...
PT-2023-19501 · Nio · Nio Ec6 Aspen
Name of the Vulnerable Software and Affected Versions: NIO EC6 Aspen versions prior to 3.3.0. Description: The issue in the com.nextev.datastatistic component allows attackers to escalate privileges via path traversal. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later ...
SUSE CVE-2019-14871
The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the DEBUG flag is unset (as is the case in production firmware builds)...
SUSE CVE-2019-14876
In the lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer; however, no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer dereference bug in case...
Pure Storage FlashArray and FlashBlade security vulnerability
Pure Storage FlashArray and Pure Storage FlashBlade are both products of Pure Storage, Inc. The Pure Storage FlashArray is an all-QLC flash storage array. The Pure Storage FlashBlade is a consolidated storage platform for file and object...
Cobbler security vulnerability
Cobbler is a Linux installation server that allows for quick setup of network installation environments. Cobbler is vulnerable to authorization issues in versions prior to 3.3.0. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in the network...
PT-2021-22861 · Cobbler +2 · Cobbler +2
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.0. Description: The issue allows for authorization bypass, enabling modification of settings. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue...
PT-2021-22860 · Cobbler +2 · Cobbler +2
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.0. Description: The issue allows arbitrary file write operations via upload log data. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue...
F5 NGINX Controller Information Disclosure Vulnerability (CNVD-2020-33346)
F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller versions prior to 3.3.0 that originates when NGINX Controlle...
Red Hat newlib libc library code issue vulnerability (CNVD-2020-19542)
Red Hat is the world's leading provider of enterprise open source solutions using a community-supported approach to delivering high-performance Linux, cloud, container and Kubernetes technologies. A code issue vulnerability exists in the 'mdiff' function in newlib libc library versions prior to...
Red Hat newlib libc library code issue vulnerability
Red Hat is the world's leading provider of enterprise open source solutions using a community-supported approach to delivering high-performance Linux, cloud, container and Kubernetes technologies. A code issue vulnerability exists in the 'mdiff' function in newlib libc library versions prior to...