15 matches found
EUVD-2026-37767
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists...
Oracle Linux 8 : libxml2 (ELSA-2026-11349)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11349 advisory.
- Fix CVE-2025-9714 RHEL-119279
- Fix CVE-2025-32415 RHEL-100177
- Fix CVE-2025-7425 RHEL-102797
- Fix CVE-2025-6021 RHEL-96498
- Fix CVE-2025-49794 RHEL-96398...
CVE-2023-53574
creationtimestamp | type | source
---|---|---
2025-12-03 14:14:49+00:00 | seen | https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8
2026-01-12 17:48:05+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mcalwwfb6c2p
2026-01-12 18:14:36+00:00 | seen | ...
CVE-2022-50593 Advantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCE
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘search_term’ parameter to the ‘NetworkServlet’ endpoint. Successful...
CVE-2022-45748
creationtimestamp | type | source
---|---|---
2025-04-03 15:34:57+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10246...
au.csiro.pathling:fhir-server (>=5.3.1 <=6.4.2), au.org.consumerdatastandards:data-holder (>=2.3.0 <=2.4.1) +2393 more potentially affected by CVE-2022-31692 via org.springframework.security:spring-security-core (>=5.7.0 <=5.7.4)
org.springframework.security:spring-security-core MAVEN version =5.7.0, =5.3.1, =2.3.0, =2.4.1 - au.org.consumerdatastandards:mock-data-holder-java =2.6.0 - be.jidoka:jdk-keycloak-admin =1.3.0 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 -...
CVE-2022-25748
creationtimestamp | type | source
---|---|---
2022-10-19 14:15:23+00:00 | seen | https://t.me/cibsecurity/51765...
PT-2021-19543 · McAfee · McAfee Agent For Windows
Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4
Description: A DLL sideloading issue could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the...
PT-2021-19538 · McAfee · McAfee Agent For Windows
Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4
Description: The issue is related to improper privilege management in the maconfig utility for McAfee Agent for Windows. This allows a local user to gain access to sensitive information. The...
CVE-2020-18158
Cross-site scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php...
HuCart Cross-Site Scripting Vulnerability
HuCart is a free, open source, PHP/MySQL-based enterprise website system. HuCart 5.7.4 has a cross-site scripting vulnerability that attackers can exploit via the nickname in index.php...
CVE-2020-5796
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges...
HuCart Cross-Site Request Forgery Vulnerability
HuCart is an open source enterprise building system. A cross-site request forgery vulnerability exists in HuCart version 5.7.4. Remote attackers can exploit the vulnerability through the URL /adminsys/index.php?load=admins&act=editinfo&acttype=add to add any administrator account...
SQL Injection Vulnerability in HuCart Backend aj***_ar***.php Page
HuCart is an open source enterprise building system. A SQL injection vulnerability exists in the backend ajar.php page of HuCart 5.7.4. Remote attackers can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in HuCart aj***_ex***.php Page
HuCart is an open source enterprise building system. A SQL injection vulnerability exists in the ajex.php page of HuCart 5.7.4. Remote attackers can exploit the vulnerability to obtain sensitive database information...