FRRouting Security Vulnerabilities

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting FRR versions prior to 8.5 that stems from an attempt to read beyond the end of the stream during parsing...

PortlandLabs Concrete CMS 安全漏洞

PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, USA. A security vulnerability exists in Concrete CMS concrete5 versions prior to 8.5.10 and 9.0.0 through 9.1.2, which stems from not using strict comparisons for legacysalt, and a limited...

CVE-2021-22023

The vRealize Operations Manager API 8.x prior to 8.5 has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover...

CVE-2021-22024

The vRealize Operations Manager API 8.x prior to 8.5 contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure...

CVE-2020-5987

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or...

IBM iNotes Cross-Site Scripting Vulnerability (CNVD-2018-13098)

IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. A cross-site scripting vulnerability exists in...

CVE-2016-1161

Cross-site request forgery CSRF vulnerability in ManageEngine Password Manager Pro before 8.5 Build 8500...