4 matches found
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
Linux Distros Unpatched Vulnerability : CVE-2023-1299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...
CVE-2025-54063 Cherry Studio One-click Remote Code Execution Vulnerability through Custom URL Handling
Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on a...
Security Bulletin: IBM DataPower Operator affected by flaw in Go (CVE-2022-23773)
Summary This is a build-time issue that does not affect product code, but may be flagged in customer scans. IBM has addressed the CVE. Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names as releases in cmd/go in Gola...