5520 matches found
CVE-2025-2139
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...
CVE-2025-2138
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security...
CVE-2025-2138
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 are vulnerable to deleting comments from other users due to client-side enforcement of server-side security. Root cause: client-side security enforcement allowing authenticated network users to modify others’ comments. CVSS ...
CVE-2025-2138 IBM Engineering Requirements Management Doors Next data modification
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security...
CVE-2025-2139
IBM Engineering Requirements Management DOORS Next (versions 7.0.2, 7.0.3, 7.1) is affected by CVE-2025-2139 due to client-side enforcement of server-side security, allowing an authenticated network user to delete reviews from other users. The CVSSv3.1 base score is 3.5 (low impact on integrity; ...
CVE-2025-2139 IBM Engineering Requirements Management Doors Next security bypass
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users due to client-side enforcement of server-side security...
EUVD-2025-33884
HCL Unica MaxAI Assistant is susceptible to a HTML injection vulnerability. An attacker could insert special characters that are processed client-side in the context of the user's session...
CVE-2025-31992
HCL Unica MaxAI Assistant is susceptible to a HTML injection vulnerability. An attacker could insert special characters that are processed client-side in the context of the user's session...
CVE-2025-31992
CVE-2025-31992 affects HCL Unica MaxAI Assistant. The issue is a HTML injection vulnerability where an attacker could insert special characters that are processed client-side within the user’s session. The CVSSv3.1 metrics in the initial data indicate: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N, base sc...
CVE-2025-31992 HCL MaxAI Assistant is susceptible to a HTML injection vulnerability
HCL Unica MaxAI Assistant is susceptible to a HTML injection vulnerability. An attacker could insert special characters that are processed client-side in the context of the user's session...
HCL Unica MaxAI Assistant security vulnerability
HCL Unica MaxAI Assistant is an AI assistant module from HCL India. A security vulnerability exists in HCL Unica MaxAI Assistant that stems from improper handling of client-side special characters, which could lead to HTML injection attacks...
PT-2025-41720
Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management Doors Next versions 7.0.2 through 7.1. Description: An authenticated user on the network may be able to delete comments from other users. This is due to client-side enforcement of server-side security...
PT-2025-41708
Name of the Vulnerable Software and Affected Versions: HCL Unica MaxAI Assistant (affected versions not specified). Description: HCL Unica MaxAI Assistant is susceptible to a HTML injection issue. An attacker could insert special characters that are processed client-side within the user’s session...
PT-2025-41721
Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management Doors Next versions 7.0.2 through 7.1. Description: An authenticated user on the network may be able to delete reviews belonging to other users. This is due to client-side enforcement of what should be...
IBM Engineering Requirements Management DOORS Next security vulnerability
IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines (IBM). The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A security vulnerability exists in IBM Engineering Requirements Managemen...
python-ldap is Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination
Summary: ldap.dn.escape_dn_chars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP...
PT-2025-41626
🟠 python-ldap, Client-Side Denial of Service, CVE-2024-5319 Medium https://t.co/upnk2q5jR1...