10 matches found
CVE-2026-30242
Plane is an open-source project management tool. Prior to version 1.2.3, the webhook URL validation in plane/app/serializers/webhook.py only checks ip.isloopback, allowing attackers with workspace ADMIN role to create webhooks pointing to private/internal network addresses 10.x.x.x, 172.16.x.x...
CVE-2025-47147
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...
Freshworks Platform Input Validation Error Vulnerability
Freshworks Platform is a customer service software platform from Freshworks USA. An input validation error vulnerability exists in Freshworks Platform versions 1.2.3 and earlier, which stems from an open redirect due to a misbehavior of file/api/v2/logout with respect to the parameter...
CVE-2025-20170
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...
WordPress AutoListicle plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin AutoListicle versions <= 1.2.3...
Important: kernel-livepatch-4.14.311-233.529
Issue Overview: An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure with a dirty log journal. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2023-2124...
CVE-2022-39843
123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...
SUSE-SU-2021:3008-1 Security update for mariadb
This update for mariadb fixes the following issues: Update to version 10.2.40 bsc1189320: - fixes for the following security vulnerabilities: CVE-2021-2372 and CVE-2021-2389...
ABB MicroSCADA Installation Elevation of Privilege Vulnerability
ABB MicroSCADA is a suite of substation monitoring and control software from ABB Switzerland, developed specifically for power transmission and distribution systems. The software includes a human-machine interface MMI and flexible application engineering tools, and provides monitoring, event...
CVE-2017-6736
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...