1841 matches found
PT-2026-29737
A vulnerability exists in Progress Flowmon versions prior to 12.5.8 and 13.0.6, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
Progress ShareFile Storage Zones Controller 安全漏洞
Progress ShareFile Storage Zones Controller is a file storage zone management control component developed by the American company Progress. There is a security vulnerability in Progress ShareFile Storage Zones Controller. This vulnerability stems from improper access control, which may allow...
Progress Flowmon 操作系统命令注入漏洞
Progress Flowmon is a real-time network traffic monitoring tool developed by Progress Corporation. Versions of Progress Flowmon prior to 12.5.8 contained an operating system command injection vulnerability. This vulnerability stemmed from requests created by authenticated, low-privilege users...
New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords
ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers...
Exploit for Code Injection in Apple Securerom
🔐 iOS Security Research Deep-dive notes on iOS security inter...
Acalvio ShadowPlex Review: Deception-Based Preemptive Cybersecurity
This practitioner-focused review covers Acalvio ShadowPlex, a deception-first platform designed to stop attacker progress across IT, cloud, OT,…...
CLSA-2026-1774528630 openssh: Fix of 3 CVEs
CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory permissions via crafted filenames - CVE-2019-6109: fix scp client where a malicious server could manipulate the client's progress display output due to...
CVE-2026-2513
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2514 Possibility of unintended actions when viewing maliciously crafted network data in Progress Flowmon ADS web application
In Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, a vulnerability exists whereby an adversary with access to Flowmon monitoring ports may craft malicious network data that, when processed by Flowmon ADS and viewed by an authenticated user, could result in unintended actions being...
CVE-2026-2513
Progress Flowmon ADS vulnerable in versions prior to 12.5.5 and 13.0.3. An administrator who clicks a malicious link within an authenticated web session may trigger unintended actions, exposing high-severity risk (CVSS 8.6; Network vector, user interaction required). The advisory does not include...
CVE-2026-2513 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon ADS web application
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2513 Possibility of unintended actions when an administrator clicks a malicious link in the Progress Flowmon ADS web application
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-2513
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
PT-2026-24948
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...
CVE-2026-28034
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...
Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System
CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...
EUVD-2026-9696
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...
CVE-2026-28034
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...
CVE-2026-28034 WordPress Progress theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...
CVE-2026-28034 WordPress Progress theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through = 1.2...