25 matches found
CVE-2018-25405
eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract...
Oracle Financial Services Analytical Applications Infrastructure 安全漏洞
Oracle Financial Services Analytical Applications Infrastructure is a financial data analysis and modeling platform developed by Oracle Corporation. Versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 of Oracle Financial Services Analytical Applications Infrastructure contain security vulnerabilities. These...
SUSE-SU-2026:0685-1 Security update for valkey
This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788...
WordPress Soledad theme <= 8.7.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Soledad versions = 8.7.0...
CVE-2025-3583
The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution
LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...
PT-2024-19815
Name of the Vulnerable Software and Affected Versions LDAP Account Manager LAM versions prior to 8.7 Description LDAP Account Manager LAM is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. An attacker could...
HYPR Buffer Error Vulnerability
HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from a buffer overflow due to improperly restricted operations within a memory buffer range...
HYPR Input Validation Error Vulnerability
HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from the inclusion of incorrect input validation that results in path traversal...
PT-2024-14933 · Hypr · Hypr Workforce Access
Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows User-Controlled Filename. This affects HYPR Workforce Access on MacO...
HYPR Backlink Vulnerability
HYPR is a security application from HYPR that implements password-less security. A security vulnerability exists in HYPR Workforce Access prior to version 8.7 that stems from an incorrectly resolved file access link that allows a user to take control of a file name...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 8.7.00.1, which stems from improper authorization of Samsung Assistant PushMsgReceive...
CVE-2023-3759
A vulnerability, which was classified as critical, was found in Intergard SGS 8.7.0. Affected is an unknown function. The manipulation leads to permission issues. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this...
SUSE CVE-2016-20012
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...
IBM Maximo Mobile 安全漏洞
IBM Maximo Mobile is a generation of mobile application platform from International Business Machines IBM. A security vulnerability exists in IBM Maximo Mobile versions 8.7 and 8.8 that stems from storing user credentials in plaintext...
CVE-2021-33016
An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access to system data GitLab categorize...
CVE-2021-37734
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 a...
UBUNTU-CVE-2016-20012
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...
HP Support Assistant elevation of privilege vulnerability (CNVD-2019-23307)
HP Support Assistant is a utility program included in all HP computers to diagnose technical problems and manage updates. An elevation of privilege vulnerability exists in HP Support Assistant 8.7.50 and earlier versions. An attacker could use this vulnerability to gain system privileges and make...