6 matches found
CVE-2025-48878
Combodo iTop is a web-based IT service management tool. In versions on the 3.x branch prior to 3.2.2, an insecure direct object reference allows a user, e.g. one with the Service desk agent profile, to create a ModuleInstallation object when they shouldn't be able to do so. Version 3.2.2 fixes the issue...
PT-2025-38753
Name of the Vulnerable Software and Affected Versions: versions prior to 3.2. Description: A timing attack issue exists in the SCRAM Java implementation due to the use of Arrays.equals for comparing sensitive values like client proofs and server signatures. Arrays.equals performs a short-circuit...
Brocade ASCG Security Vulnerability
Brocade ASCG is a networking feature from Brocade USA that is primarily used to simplify SAN architecture and optimize resource utilization. A security vulnerability exists in Brocade ASCG versions prior to 3.2.0 that stems from not enforcing HSTS and is vulnerable to degradation attacks and...
SUSE CVE-2022-1934
Use After Free in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-32260
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application creates temporary user credentials for UMC User Management Component users. An attacker could use these temporary credentials for authentication bypass in certain scenarios...
Mattermost Server Input Validation Error Vulnerability (CNVD-2020-35457)
Mattermost Server is an open source messaging platform from the US company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 3.2.0. An attacker can exploit the vulnerability with the help of a specially crafted post to cause a web browser to hang...