13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-29047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the log...
CVE-2026-29047
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
SQL Injection
Overview glpi/glpi is a free Asset and IT Management Software package with ITIL Service Desk, licenses tracking and software auditing. Affected versions of this package are vulnerable to SQL Injection in the logs export process. An attacker can execute arbitrary SQL commands by submitting crafted...
CVE-2026-29047
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
CVE-2026-29047
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
UBUNTU-CVE-2026-29047
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
CVE-2026-29047
CVE-2026-29047 affects GLPI; from 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This is fixed in 10.0.24 and 11.0.6. Impact includes potential confidentiality, integrity, and availability risks. Remediation: upgrade to GLPI 10....
EUVD-2026-19249
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
CVE-2026-29047 GLPI has an Authenticated SQL Injection via log exports
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
PT-2026-30614
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6...
EUVD-2021-7586
Malicious code in bioql PyPI...
Atlassian Jira授权问题漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used to track and manage various types of issues and defects in the workplace. An authorization issue vulnerability exists in Atlassian Jira Server and Data Center, which stems from the product's...
CVE-2021-20129
An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs...