54696 matches found
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160 HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
Improper Neutralization of Special Elements Used in a Template Engine
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine in the Workflows module. An attacker with the...
UBUNTU-CVE-2026-21619
Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...
k8s-container-escape-lkm
š ļø Kernel Module Reverse Shell ā Privileged Container Escape P...
SUSE-SU-2026:0685-1 Security update for valkey
This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses qs-6.13.0.tgz, qs-6.14.0.tgz which is vulnerable to CVE-2025-15284.
Summary IBM Maximo Application Suite - Monitor Component uses qs-6.13.0.tgz, qs-6.14.0.tgz which is vulnerable to CVE-2025-15284. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs...
EUVD-2025-208129
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
EUVD-2025-208128
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage...
CVE-2026-27776
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15509
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage...
CVE-2025-15509
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15567
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure...
CVE-2025-15567
Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security advisories to learn affected products, components, and remediation information.
CVE-2025-15509
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage...