16 matches found
CVE-2026-46559 ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in a heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...
EUVD-2026-31129
SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges...
EUVD-2026-31130
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...
CVE-2026-44923
SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges...
Veritas InfoScale VIOM SQL Injection Vulnerability
Veritas InfoScale VIOM is an infrastructure monitoring and operations management platform for virtualized environments developed by Veritas Corporation in the United States. Versions of Veritas InfoScale VIOM prior to 9.1.3 contained a SQL injection vulnerability. This vulnerability stems from SQ...
CVE-2026-28692
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...
CVE-2025-49399 WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms allows Cross Site Request Forgery. This issue affects NEX-Forms: from n/a through 9.1.3...
CVE-2023-28473
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3, is vulnerable to possible Auth bypass in the jobs section...
Vulnerabilities fixed in Splunk
Splunk has fixed vulnerabilities in Splunk Enterprise. A malicious party can exploit the vulnerabilities to launch attacks that can result in the following categories of damage: Denial-of-Service (DoS); manipulation of data; access to sensitive data; access to system data. Splunk has...
CVE-2023-28471
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name...
CVE-2023-28476
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files...
PT-2020-3435 · Palo Alto Networks · Prisma Access +5
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS versions prior to 9.1.3; Palo Alto Networks PAN-OS versions prior to 9.0.9; Palo Alto Networks PAN-OS versions prior to 8.1.15; Palo Alto Networks PAN-OS 8.0 (EOL). Description: When Security Assertion Markup Language (SAML)...
CVE-2018-5787
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets...
CVE-2016-2944
IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach...
CVE-2016-2931
IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive cleartext information by sniffing the network...
PT-2014-3803 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software version 9.1.3 and earlier. Description: A race condition in the Phone Proxy component allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted...