CVE-2026-6973

An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution...

CVE-2025-36121

IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

CVE-2025-36121

IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

EUVD-2021-32509

Malicious code in bioql PyPI...

SUNNET Wisdom Master Pro 安全漏洞

SUNNET Wisdom Master Pro is a Wisdom Master management platform from SUNNET. A security vulnerability exists in SUNNET Wisdom Master Pro version 5.2 and prior versions, which stems from a course management feature that allows uploading of dangerous types of files, which could lead to the uploadin...

Esri Portal for ArcGIS 跨站脚本漏洞

Esri Portal For ArcGis is a component of Esri, Inc. that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A security vulnerability exists in Esri Portal for ArcGIS, which stems from a stored cross-site scripting XSS vulnerability...

IBM Sterling File Gateway 信息泄露漏洞

IBM Sterling File Gateway is a suite of file transfer software from IBM Corporation. The software integrates different file transfer activity centers and helps file-based data to be securely exchanged over the Internet.An information disclosure vulnerability exists in IBM Sterling File Gateway,...

Elastic 安全漏洞

Elastic is the Netherlands Elastic company's set of open source distributed RESTful search engine built on Lucene . The product is mainly used in cloud computing and supports data indexing using JSON over HTTP. A security vulnerability exists in Elastic search.Elastic Elastic search may allow a...

Denial Of Service (DoS)

mysql is vulnerable to denial of service. An unspecified vulnerability allows a remotely authenticated user to denial service to the application...

Denial Of Service (DoS)

mysql is vulnerable to denial of service. An unspecified vulnerability allows a remotely authenticated user to denial service to the application...

Privilege Escalation

mysql is vulnerable to privilege escalation. An unspecified vulnerability allows a remotely authenticated user to gain privileged access to the application...

Privilege Escalation

mysql is vulnerable to privilege escalation. An unspecified vulnerability allows a remotely authenticated user to gain privileged access to the application...

Denial Of Service (DoS)

mysql is vulnerable to denial of service DoS. The vulnerability exists as it allows remotely authenticated users to cause DoS through Optimizer...

Denial Of Service (DoS)

mysql is vulnerable to denial of service DoS. The vulnerability exists as remotely authenticated users can affect the availability through Server : InnoDB...

Denial Of Service (DoS)

Oracle MySQL Server and MariaDB are vulnerable to denial of service DoS attacks. A remotely authenticated user can manipulate with an unknown input, causing the application to crash. The affected component is Optimizer...

Denial Of Service (DoS)

Oracle MySQL Server and MariaDB are vulnerable to denial of service DoS attacks. A remotely authenticated user can manipulate with an unknown input, causing the application to crash. The affected component is InnoDB...

Cross-site Scripting (XSS)

manila-ui is vulnerable to reflected cross-site scripting XSS. The Create Share form takes user-supplied metadata and passes it to a call to marksafe. This allows remotely authenticated, but unprivileged users to insert JavaScript code...

Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)

Summary IBM Security Network Protection uses Kerberos krb5 to provide network authentication. The Kerberos krb5 version that is shipped with IBM Security Network Protection contains multiple security vulnerabilities. Vulnerability Details CVE-ID: CVE-2014-5352 Description: MIT krb5 could allow a...

Cross-site Scripting (XSS)

manila-ui is vulnerable to reflected cross-site scripting XSS. The Create Share form takes user-supplied metadata and passes it to a call to marksafe. This allows remotely authenticated, but unprivileged users to insert JavaScript code...

Multiple SQL Injection Vulnerabilities in WebsiteBaker

websitebaker is an open source content management system CMS. Websitebaker has multiple SQL injection vulnerabilities. Because account/signup.php does not properly handle the values of the variables "username" and "displayname", a remotely authenticated attacker registration is turned on by defau...