UBUNTU-CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

CVE-2025-66602

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm. The affected products and versions are ...

CVE-2025-66604

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be displayed on the web page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN,...

CVE-2025-66608

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

PT-2026-7054

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

Malicious code in odoo-sfu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6150db474384025ea6979cd2f9cdfcd33735d897541917f74ee49a6d3ee74c71 The OpenSSF Package Analysis project identified 'odoo-sfu' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

mysql: Optimizer unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

AZL-50384 CVE-2024-21213 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute...

AZL-50591 CVE-2024-21194 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

WordPress plugin Quiz And Survey Master Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2023-7215 · Frrouting +10 · Frrouting +10

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 9.0.1 Description: The issue is related to insufficient input validation in FRRouting, which can be exploited by a remote attacker to cause a denial of service. Specifically, it mishandles malformed MP REACH NLRI...

CVE-2022-2901

creationtimestamp| type| source ---|---|--- 2022-09-12 21:40:18+00:00| seen| https://t.me/cibsecurity/49304...

UBUNTU-CVE-2022-29167

Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse Host HTTP...

CVE-2021-22674

The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1...

Advantech WebAccess/SCADA 输入验证错误漏洞

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. An open redirection vulnerability exist...

PT-2019-16916 · Ibm · Ibm Security Access Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager versions 9.0.1 through 9.0.6 Description: The issue allows authenticated users to impersonate other users, potentially leading to unauthorized access. Recommendations: For versions 9.0.1 through 9.0.6, update to a...

CVE-2019-12555

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function provided by the scripting engine allows an attacker to cause a denial of service by crashing the application...

IBM iNotes Information Disclosure Vulnerability (CNVD-2018-19429)

IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. An information disclosure vulnerability exists...

CVE-2018-2639

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Denial of Service Vulnerability in Multiple IBM Products

IBM MQ formerly known as IBM WebSphere MQ is a messaging middleware product from IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ versions 9.0.1 through 9.0.2. An attacker could exploit...