797 matches found
CVE-2022-27661
Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow...
CVE-2025-47208
CVE-2025-47208 affects QNAP QTS and QuTS hero where an allocation of resources without limits or throttling can lead to a denial of service if a remote attacker obtains a user account. The issue is mitigated by fixes in QTS 5.2.6.3195 build 20250715 and later and QuTS hero h5.2.6.3195 build 20250...
EUVD-2025-202288
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required...
CVE-2025-59371
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...
CVE-2025-53410
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...
CVE-2025-36121
IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
CVE-2025-11623
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62386
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-10986
CVE-2025-10986 affects Ivanti Endpoint Manager Mobile (EPMM) admin panel. A path traversal vulnerability exists in EPMM versions before 12.6.0.2, 12.5.0.4, and 12.4.0.4 that could allow a remote authenticated attacker with admin privileges to write data to unintended locations on disk. Connected ...
EUVD-2025-34107
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34103
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34101
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
EUVD-2025-34098
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62392
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62390
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62387
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62387
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62384
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62386
CVE-2025-62386 is a SQL injection vulnerability in Ivanti Endpoint Manager. According to connected sources, it allows a remote authenticated attacker to read arbitrary data from the database, with a CVSS v3.1 base score of 6.5 (Medium) and confidentiality impact High. The issue affects Ivanti End...