
78 matches found

NVD
added 2026/05/25 11:16 a.m. | 10 views

CVE-2026-40127

OutSystems Lifetime is vulnerable to an Authorization Bypass Through User-Controlled Key vulnerability in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users, as well as the application name of any application. This issue was fixed in...

CVSS 5.3 | EPSS 0.00043
Exploits: 0 | References: 2
Cvelist
added 2026/05/25 10:18 a.m. | 30 views

CVE-2026-40127 Authorization Bypass Through User-Controlled Key in OutSystems Lifetime

OutSystems Lifetime is vulnerable to an Authorization Bypass Through User-Controlled Key vulnerability in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users, as well as the application name of any application. This issue was fixed in...

CVSS 5.3 | EPSS 0.00043
Exploits: 0 | References: 2
EUVD
added 2026/05/25 10:18 a.m. | 6 views

EUVD-2026-31662

OutSystems Lifetime is vulnerable to an Authorization Bypass Through User-Controlled Key vulnerability in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users, as well as the application name of any application. This issue was fixed in...

CVSS 5.3 | AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 2
CNNVD
added 2026/02/20 12:0 a.m. | 2 views

openITCOCKPIT Code Issue Vulnerability

openITCOCKPIT is an open-source system monitoring software. Versions of openITCOCKPIT 5.3.1 and earlier have code vulnerabilities. These vulnerabilities stem from unsafe PHP deserialization patterns when processing change log entries, which may lead to potential PHP object injection vulnerabiliti...

CVSS 8.8 | AI score 5.9 | EPSS 0.0032
Exploits: 1 | References: 3
Google Chrome Security Advisories
added 2026/01/20 12:0 a.m. | 20 views

Stable Channel Update for Desktop

The Stable channel has been updated to 144.0.7559.96/.97 for Windows/Mac and 144.0.7559.96 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restrict...

AI score 5.5
Exploits: 0 | Affected Software: 1
Microsoft KB
added 2025/10/28 12:0 a.m. | 5 views

October 28, 2025—KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview

October 28, 2025—KB5067036 OS Builds 26200.7019 and 26100.7019 Preview This non-security update for Windows 11, version 25H2 and 24H2 KB5067036, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview...

AI score 5.8
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-1820

Malware in sbrugna...

CVSS 2.1 | AI score 6.4 | EPSS 0.00051
Exploits: 0 | References: 3
CNVD
added 2025/09/16 12:0 a.m. | 1 views

Gazelle Cross-Site Scripting Vulnerability

Gazelle is a web framework for private BitTorrent trackers. Gazelle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Message in the file /sections/tools/managers/changelog.php, which can be...

CVSS 5.1 | AI score 4.4 | EPSS 0.00049
Exploits: 0 | References: 1
RedhatCVE
added 2025/09/15 2:32 a.m. | 5 views

CVE-2025-10340

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1 | AI score 5.2 | EPSS 0.00049
Exploits: 0 | References: 1
NVD
added 2025/09/13 3:15 a.m. | 2 views

CVE-2025-10340

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1 | EPSS 0.00049
Exploits: 0 | References: 5
Vulnrichment
added 2025/09/13 2:32 a.m. | 1 views

CVE-2025-10340 WhatCD Gazelle Commit Message change_log.php cross site scripting

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1 | AI score 3.4 | EPSS 0.00049
Exploits: 0 | References: 5
CVE
added 2025/09/13 2:32 a.m. | 13 views

CVE-2025-10340

Summary (MODE C): CVE-2025-10340 affects WhatCD Gazelle, specifically the Change Log utility in the Commit Message Handler. The vulnerability is a cross-site scripting flaw triggered by manipulating the Message argument in /sections/tools/managers/change_log.php. Exploitation can be performed rem...

CVSS 5.1 | AI score 5 | EPSS 0.00049
Exploits: 0 | References: 5
Positive Technologies
added 2025/09/13 12:0 a.m. | 4 views

PT-2025-37365

Name of the Vulnerable Software and Affected Versions: WhatCD Gazelle versions prior to 63b337026d49b5cf63ce4be20fdabdc880112fa3 Description: A vulnerability exists in WhatCD Gazelle that allows for cross-site scripting. The issue is located in an unknown function within the...

CVSS 5.1 | AI score 3.8 | EPSS 0.00049
Exploits: 0 | References: 9
CNNVD
added 2025/09/13 12:0 a.m. | 1 views

Gazelle Code Injection Vulnerability

Gazelle is a web framework for private BitTorrent trackers. Gazelle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Message in the file /sections/tools/managers/changelog.php, which can be...

CVSS 5.1 | AI score 5.9 | EPSS 0.00049
Exploits: 0 | References: 6
OpenVAS
added 2025/05/26 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2024-0cf8baac55)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 | AI score 7.8 | EPSS 0.0023
Exploits: 0 | References: 3
RedhatCVE
added 2025/05/22 9:53 a.m. | 4 views

CVE-2011-1822

The LDAPADD implementation in IBM Tivoli Directory Server TDS 5.2 before 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log...

CVSS 2.1 | AI score 6.1 | EPSS 0.00051
Exploits: 0 | References: 1
CNNVD
added 2024/09/18 12:0 a.m. | 1 views

DrayTek Vigor 3910 Security Vulnerability

The DrayTek Vigor 3910 is a high performance router for enterprise networks from DrayTek. A buffer overflow vulnerability exists in the DrayTek Vigor 3910 v4.3.2.6, which originates from the CGIbyFieldName parameter of the chglog.cgi page that fails to correctly validate the length of the input...

CVSS 7.5 | AI score 7.2 | EPSS 0.00168
Exploits: 0 | References: 3
Github Security Blog
added 2023/08/30 8:9 p.m. | 20 views

Archive spoofing vulnerability in borgbackup

Impact A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to 1. insert files with no additional headers into backups 2. gain write acce...

CVSS 4.7 | AI score 5.5 | EPSS 0.00097
Exploits: 0 | References: 10 | Affected Software: 1
Spring Engineering
added 2023/01/20 12:0 a.m. | 26 views

Spring Modulith 0.3 released

Hot on the heels of Spring Boot 3.0.2, I am excited to announce the 0.3 release of Spring Modulith. The release is packed with improvements. We have tweaked a couple of things that might require your attention and a couple of adapting changes to your code. The most notable changes are: GH-114 – W...

Exploits: 0
Spring Engineering
added 2023/01/20 12:0 a.m. | 5 views

Spring Modulith 0.3 released

Hot on the heels of Spring Boot 3.0.2, I am excited to announce the 0.3 release of Spring Modulith. The release is packed with improvements. We have tweaked a couple of things that might require your attention and a couple of adapting changes to your code. The most notable changes are: GH-114 – W...

Exploits: 0