298 matches found
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...
CVE-2026-4914
Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...
CVE-2026-40108
GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can store an XSS payload in a ITIL costs. This issue has been fixed in version 11.0.7...
CVE-2026-9614
An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...
EUVD-2026-33736
An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...
Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)
Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...
EUVD-2026-22278
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...
Ivanti Neurons for ITSM 安全漏洞
Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Versions of Ivanti Neurons for ITSM prior to 2025.4 contained security vulnerabilities. These vulnerabilities stemmed from improper protection of alternative paths, which could allo...
EUVD-2025-208946
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
PT-2026-26062
Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the externalfeed/RSS API component. Authenticated attackers...
PT-2026-26061
Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the searchWeb API component. Authenticated attackers can...
CVE-2026-22248 GLPI affected by Remote Code Execution via malicious upload
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...
CVE-2023-43790
iTop is an IT service management platform. By manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value. This vulnerability is fixed in 3.1.1 and 3.2.0...
EUVD-2020-7258
Malware in sbrugna...
EUVD-2020-7256
Malware in sbrugna...
EUVD-2020-7257
Malware in sbrugna...
EUVD-2021-19539
Malware in sbrugna...
EUVD-2021-19479
Malware in sbrugna...
EUVD-2021-19480
Malware in sbrugna...
EUVD-2020-25326
Malware in sbrugna...