Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 6:55 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses dompurify-3.2.7.tgz, dompurify-3.3.0.tgz, dompurify-3.3.1.tgz which is vulnerable to CVE-2026-0540.

Summary IBM Maximo Application Suite - Monitor Component uses dompurify-3.2.7.tgz, dompurify-3.3.0.tgz, dompurify-3.3.1.tgz which is vulnerable to CVE-2026-0540. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-0540 DESCRIPTION: DOMPurify 3.1.3...

6.1CVSS7.2AI score0.0034EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/31 10:16 p.m.6 views

CVE-2026-34400

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

9.8CVSS0.00505EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/31 9:0 p.m.24 views

CVE-2026-34400 alerta-server has potential SQL Injection vulnerability in Query String Syntax (q=) API

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

6.9CVSS0.00505EPSS
Exploits0References6
NVD
NVD
added 2026/01/20 2:15 a.m.9 views

CVE-2026-1051

The Newsletter – Send awesome emails from WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.1.0. This is due to missing or incorrect nonce validation on the hooknewsletteraction function. This makes it possible for unauthenticated...

4.3CVSS0.00104EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/29 12:0 a.m.5 views

Kiteworks Mft 安全漏洞

Kiteworks Mft is a software for securely managing internal and external data transfers from Kiteworks USA. A security vulnerability exists in Kiteworks MFT versions prior to 9.1.0, which stems from improperly defined communication channel targets and could result in elevated privileges...

7.2CVSS6.7AI score0.00819EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/29 12:0 a.m.7 views

PT-2025-48358

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0 Description Kiteworks MFT orchestrates end-to-end file transfer workflows. Versions of the software prior to 9.1.0 contain a flaw that could allow an external attacker to access log information from the...

6.8CVSS6AI score0.00172EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 10:48 a.m.6 views

CVE-2024-52268

Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product...

4.8CVSS6.3AI score0.0029EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.6 views

ZOHO ManageEngine Desktop Central Injection Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. An injection...

6.1CVSS7.3AI score0.0287EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.6 views

Symantec Protection Engine Security Vulnerability

Symantec Protection Engine is a malware protection platform from Symantec USA. A security vulnerability exists in Symantec Protection Engine versions prior to 9.1.0, which stems from a hash disclosure vulnerability...

6.8CVSS6.5AI score0.00515EPSS
Exploits0References2
OSV
OSV
added 2023/01/18 12:15 a.m.4 views

CVE-2023-21828

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications component: Reporting. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracl...

8.1CVSS7.3AI score0.00539EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.7 views

PT-2023-1243 · Oracle · Oracle Hospitality Reporting/Analytics

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Reporting and Analytics version 9.1.0 Description: The issue is related to insufficient input validation in the Reporting component of Oracle Hospitality Reporting and Analytics. This easily exploitable vulnerability can be...

8.7CVSS7.2AI score0.00512EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.13 views

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...

9.6CVSS6.7AI score0.0058EPSS
Exploits0References2
OSV
OSV
added 2019/01/16 7:30 p.m.5 views

CVE-2019-2407

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracl...

6.1CVSS6.6AI score0.00427EPSS
Exploits0References2
OSV
OSV
added 2017/08/08 3:29 p.m.4 views

CVE-2017-10070

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products subcomponent: Maintenance Folders. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS7.3AI score0.0147EPSS
Exploits0References3
Rows per page
Query Builder