CVE-2025-52885

CVE-2025-52885 affects Poppler before 25.10.0, where a use-after-free (write) vulnerability arises from raw pointers to elements of a std::vector stored in refToParentMap within StructTreeRoot. Pointers may become dangling when the vector resizes, due to vector reallocation moving elements and in...

Linux Distros Unpatched Vulnerability : CVE-2025-23046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a Mail servers authentication provider is...

UBUNTU-CVE-2024-24510

Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component...

PT-2023-20327 · Unknown · Reportportal

Name of the Vulnerable Software and Affected Versions: ReportPortal versions prior to 5.10.0 Description: The ReportPortal database becomes unstable and reporting almost fully stops when the test item.path field exceeds the allowable ltree field type indexing limit, which occurs when the path...

CVE-2023-2819

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. This could result in arbitrary javascript code...

Proofpoint Threat Response 跨站脚本漏洞

Proofpoint Threat Response is Proofpoint's leading Security Orchestration, Automation and Response SOAR solution that enables security teams to respond faster and more effectively to the evolving threat landscape. A security vulnerability exists in Proofpoint Threat Response versions prior to...

GHSA-4VHF-2HV7-8MRX Improper Restriction of XML External Entity Reference in Apache ActiveMQ

XML external entity XXE vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages...

PT-2020-14006 · Wso2 · Wso2 Identity Server +1

Name of the Vulnerable Software and Affected Versions: WSO2 Identity Server versions through 5.10.0 WSO2 IS as Key Manager versions through 5.10.0 Description: An issue exists in the software, specifically an open redirect. Recommendations: For WSO2 Identity Server versions through 5.10.0, update...

CVE-2018-5434

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime Agent for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion XXE attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'...