16 matches found
CVE-2026-39463
Unauthenticated Cross Site Scripting XSS in ManageWP Worker = 4.9.31 versions...
CVE-2026-4394 Gravity Forms <= 2.9.30 - Unauthenticated Stored Cross-Site Scripting via Credit Card 'Card Type' Sub-Field
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Credit Card field's 'Card Type' sub-field input.4 in all versions up to, and including, 2.9.30. This is due to the get_value_entry_detail method in the GF_Field_CreditCard class outputting the card type value...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001658)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001658 advisory. The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of...
10-Strike Network Inventory Explorer Pro has security vulnerabilities
10-Strike Network Inventory Explorer Pro is a network asset management and auditing tool provided by the US company 10-Strike. Version 9.31 of 10-Strike Network Inventory Explorer Pro contains a security vulnerability. This vulnerability stems from the srvInventoryWebServer service having a servi...
CVE-2025-64734
Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. This issue affects Command Centre Server: 9.30...
CVE-2025-48430
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 MR2, 9.20 prior to vEL9.20.2819 MR4, 9.10 prior to vEL9.10.3672 MR7, 9.00 prior to...
PT-2023-13792 · Laravel · Laravel
Name of the Vulnerable Software and Affected Versions: Laravel versions 8.x through 9.x before 9.32.0 Description: The authentication method was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. This issue is caused by the early return inside th...
CVE-2018-17772
Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N...
CVE-2018-17771
Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N...
Micro Focus Project and Portfolio Management Center Cross-Site Request Forgery Vulnerability
Micro Focus Project and Portfolio Management Center is a suite of project portfolio management software from Micro Focus UK. The software manages hybrid projects by integrating agile tools such as ALM Octane, Agile Manager and CA Rally. A cross-site request forgery vulnerability exists in Micro...
CVE-2017-14361
Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack...
CVE-2017-14350
A potential security vulnerability has been identified in HPE Application Performance Management BSM Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution...
HPE Application Performance Management Platform Remote Code Execution Vulnerability
HPE Application Performance Management BSM Platform is an application performance management system on the BSM platform from the American company Hewlett Packard Enterprise (HPE). A security vulnerability exists in HPE BSM Platform versions 9.26, 9.30, and 9.40. A remote attacker could exploit the...
Hewlett Packard Enterprise Application Performance Management System Authentication Bypass Vulnerability
HPE BSM Platform Application Performance Management System Health is a suite of application performance management systems for the BSM platform from Hewlett Packard Enterprise (HPE). A security vulnerability exists in HPE BSM Platform Application Performance Management System Health versions 9.26,...
Multiple Vulnerabilities in HPE Project and Portfolio Management Center
HPE Project and Portfolio Management Center (PPM) is a suite of solutions from Hewlett Packard Enterprise (HPE) that gives project executives real-time visibility into the project lifecycle of the project portfolio to support strategic and operational decisions. An...