328 matches found
Security Bulletin: CVE-2026-3856 found in IBM Db2 Recovery Expert for Linux, UNIX and Windows v5.5
Summary IBM Db2 Recovery Expert for Linux, UNIX and Windows could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission. Vulnerability Details ID: CVE-2026-3856 DESCRIPTION: IBM DB2 Recovery Expert for Linux, UNIX...
CVE-2025-70821
renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
CVE-2025-70821
renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
CVE-2025-70821
renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
EUVD-2025-208233
renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
CVE-2026-22765
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-22766
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...
CVE-2026-23858
Dell Wyse Management Suite (WMS) versions prior to 5.5 contain an XSS vulnerability from improper neutralization of input during web page generation. A low-privileged, remote attacker could exploit this to perform script injection. CVSS‑3.1 metrics: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, base score...
CVE-2026-22766
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...
CVE-2026-22766
CVE-2026-22766 affects Dell Wyse Management Suite prior to WMS 5.5. It describes an Unrestricted Upload of File with Dangerous Type vulnerability that could allow remote code execution by a high-privilege attacker with remote access. The CVSSv3.1 base score is 7.2 (HIGH) with NETWORK attack vecto...
Dell Wyse Management Suite WMS 安全漏洞
Dell Wyse Management Suite WMS is a cloud-based and on-premise management platform developed by the American company Dell. It is used for centralized management of Wyse lightweight terminal devices, supporting features such as remote configuration, firmware updates, and security policy management...
PT-2026-21794
Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions prior to 5.5 Description Dell Wyse Management Suite versions prior to 5.5 are susceptible to an unrestricted file upload with a dangerous type. A high privileged attacker with remote access could potentially...
PT-2026-21622
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...
Dell Wyse Management Suite WMS 安全漏洞
Dell Wyse Management Suite WMS is a cloud-based and on-premise management platform developed by the American company Dell. It is used for centralized management of Wyse lightweight terminal devices, supporting features such as remote configuration, firmware updates, and security policy management...
CVE-2025-27899 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...
PT-2026-20233
Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software contains a flaw that could enable a remote attacker to carry out phishing attacks through an open redirect. A crafted website can be used to exploit this issu...
PT-2026-20231
Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software does not invalidate sessions after a timeout. This could allow an authenticated user to impersonate another user on the system. Recommendations At the moment,...
WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Steven Julian in WordPress Plugin WP Activity Log versions = 5.5.4...
CVE-2025-54161
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...