6 matches found
CVE-2025-53900 Kiteworks MFT has a Privilege Defined With Unsafe Actions
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, an unfavourable definition of roles and permissions in Kiteworks MFT on managing Connections could lead to unexpected escalation of privileges for authorized users. This issue has been patched in version 9.1.0...
DSpace 路径遍历漏洞
DSpace is an open source turnkey repository application from the DuraSpace community. A path traversal vulnerability exists in DSpace versions prior to 7.6.4, prior to 8.2, and prior to 9.1, which stems from a path traversal vulnerability that could lead to the disclosure of sensitive information...
Vim 安全漏洞
Vim is Vim open source a cross-platform text editor . A buffer overflow vulnerability exists in versions prior to Vim 9.1.0697, which stems from not checking if there is enough space in the buffer for the next character, and can be exploited by a remote attacker to execute arbitrary code on the...
PortlandLabs Concrete CMS 授权问题漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. A security vulnerability exists in PortlandLabs Concrete CMS versions prior to 9.1 that stems from the lack of a password reset rate limit...
PT-2020-20068 · Pulse · Pulse Policy Secure +1
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure / Pulse Policy Secure versions prior to 9.1R9 Description: A vulnerability in the Pulse Connect Secure / Pulse Policy Secure allows for arbitrary cookie injection. Recommendations: For Pulse Connect Secure / Pulse Policy...
CVE-2016-1783
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site...