17 matches found
Unity Linux 20.1060e / 20.1070e Security Update: maven-shared-utils (UTSA-2026-016689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016689 advisory. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection...
CVE-2025-9905 affecting package keras for versions less than 3.3.3-4
CVE-2025-9905 affecting package keras for versions less than 3.3.3-4. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2017-15574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment. CVE-2017-15574 Note that Nessus relies on the...
Joplin Security Vulnerability
Joplin is an open source note-taking and to-do list application by Laurent Cozic, an individual developer. A security vulnerability exists in Joplin versions prior to 3.3.3, which stems from an API endpoint that can be exploited by a non-administrative user to set the isadmin field, potentially...
CImg Security Vulnerabilities
CImg is a small open source C++ toolkit for image processing from GREYC Open Source. A security vulnerability exists in CImg versions prior to 3.3.3. An attacker exploited this vulnerability to cause a heap-based buffer overflow via a specially crafted cimglibrary::CImg::loadanalyze file...
PT-2023-29658 · Ibm +1 · Ibm Cloudant +1
Name of the Vulnerable Software and Affected Versions: Apache CouchDB versions prior to 3.3.3 IBM Cloudant versions prior to 8413 Description: Design document functions that receive a user HTTP request object may expose authorization or session cookie headers of the user who accesses the document...
SUSE CVE-2004-0691
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code...
SUSE CVE-2013-1839
The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header...
SUSE CVE-2017-15574
In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment...
PT-2021-19739 · Qsan · Qsan Storage Manager
Name of the Vulnerable Software and Affected Versions: QSAN Storage Manager versions prior to 3.3.3 Description: The issue is related to improper access control in the FirmwareUpgrade component of QSAN Storage Manager, allowing remote attackers to reboot and discontinue the device. Recommendation...
Red Hat Quay Access Control Error Vulnerability
Red Hat Quay is a distributed container image repository from Red Hat, Inc. that is used to build, distribute and deploy containers. An access control error vulnerability exists in Red Hat Quay versions prior to 3.3.3, which stems from an email notification authorization bypass...
Redmine Information Disclosure Vulnerability (CNVD-2017-31951)
Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. An information disclosure vulnerability exists in Redmine versions prior to 3.2.6 and 3.3.x prior to...
Redmine Information Disclosure Vulnerability (CNVD-2017-31956)
Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. An information disclosure vulnerability exists in Redmine versions prior to 3.2.6 and 3.3.x prior to...
Redmine cross-site scripting vulnerability (CNVD-2017-31954)
Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. A cross-site scripting vulnerability exists in Redmine versions prior to 3.2.6 and 3.3.x prior to 3.3.3...
UBUNTU-CVE-2017-15575
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact...
PT-2014-3529 · Ovirt · Ovirt Engine Reports
Name of the Vulnerable Software and Affected Versions: ovirt-engine-reports versions prior to 3.3.3 Description: The setup script stores the reports database password in cleartext, allowing local users to obtain sensitive information by reading an unspecified file. Recommendations: For versions...
PT-2014-3530 · Red Hat · Rhevm-Reports
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager reports rhevm-reports versions prior to 3.3.3-1 Description: The issue allows local users to obtain sensitive information by reading a configuration file due to world-readable permissions. The file in...