6 matches found

ATTACKERKB
added 2026/02/10 5:47 p.m., 3 views

CVE-2026-25992

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...

CVSS 7.5, AI score 5.5, EPSS 0.00505
Exploits: 1, References: 3, Affected Software: 1
Tenable Nessus
added 2025/09/10 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2012-3790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web...

CVSS 4.3, AI score 5.7, EPSS 0.01247
Exploits: 1, References: 2
CNNVD
added 2022/12/13 12:0 a.m., 3 views

Apache CXF Code Issue Vulnerability

Apache CXF is an open source Web services framework from the Apache Foundation in the United States. The framework supports a variety of Web services standards, a variety of front-end programming APIs, and so on. A code issue vulnerability exists in Apache CXF versions prior to 3.5.5 and 3.4.10,...

CVSS 9.8, AI score 6.6, EPSS 0.0193
Exploits: 5, References: 13
OSV
added 2019/12/09 4:15 p.m., 3 views

CVE-2019-19678

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue...

CVSS 5.4, AI score 6.1, EPSS 0.00627
Exploits: 1, References: 1
CNVD
added 2017/10/16 12:0 a.m., 4 views

SilverStripe CMS User Enumeration Vulnerability

SilverStripe CMS is an open source programming framework and content management system (CMS) from the New Zealand company SilverStripe. The system supports multiple languages, cross-platform use and other features. A security vulnerability exists in the login and password reset forms in SilverStripe C...

CVSS 5.3, AI score 5.5, EPSS 0.01109
Exploits: 0, References: 1
NVD
added 2012/08/27 9:55 p.m., 14 views

CVE-2012-4679

Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the fusername parameter...

CVSS 4.3, AI score 5.7, EPSS 0.02354
Exploits: 1, References: 6