60 matches found
Silex SD-330AC and Silex AMC Manager Security Vulnerability
Both the Silex SD-330AC and the Silex AMC Manager are products of the Japanese company Silex. The Silex SD-330AC is a device server that provides wireless network connectivity and the ability to share USB devices. The Silex AMC Manager is management software used for centralized management...
CVE-2026-20099
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
EUVD-2026-8670
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20091
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20091
CVE-2026-20091 affects Cisco FXOS Software and Cisco UCS Manager Software via the web-based management interface. The issue is a stored cross-site scripting flaw caused by insufficient input validation in the interface, allowing an authenticated attacker with Administrator/AAA Administrator crede...
Cisco UCS Manager Software Security Vulnerability
Cisco UCS Manager Software is a device management software developed by the American company Cisco. There is a security vulnerability in Cisco UCS Manager Software. This vulnerability stems from the unnecessary permissions assigned at the NX-OS CLI permission level, which may allow attackers with...
CVE-2025-64180 Manager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)
Manager-io/Manager is accounting software. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access to internal network resources. The flaw lies in the fundamental design of the DNS validation mechanism. A Time-of-Check Time-of-Use (TOCTOU)...
CVE-2025-20295
CVE-2025-20295 affects Cisco UCS Manager Software (CLI) where an authenticated local attacker with administrative privileges can read, create, or overwrite files on the device’s underlying OS due to insufficient input validation of command arguments. The root cause is input validation failure in ...
Cisco UCS Manager Software OS Command Injection Vulnerability
Cisco UCS Manager Software is a device management software from Cisco. Cisco UCS Manager Software suffers from an operating system command injection vulnerability that stems from insufficient validation of command parameter inputs, which could lead to file system manipulation...
MAL-2025-38367 Malicious code in vidwall (npm)
The package vidwall was found to contain malicious code...
MAL-2025-8122 Malicious code in @kms-types/config (npm)
The package @kms-types/config was found to contain malicious code...
MAL-2025-38105 Malicious code in vanilla-is2-project (npm)
The package vanilla-is2-project was found to contain malicious code...
MAL-2025-39917 Malicious code in xpointer (npm)
The package xpointer was found to contain malicious code...
CVE-2025-43022
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow a privileged user to execute SQL commands. HP has addressed the issue in the latest software update...
CVE-2025-54122
Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both Manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to spoofing when using Web Server Plug-ins
Summary IBM Security Verify Governance uses IBM WebSphere Application Server. The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console
Summary IBM Security Verify Governance uses IBM WebSphere Application Server. The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
CVE-2023-20016 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup...