@openinc/parse-server-opendash (>=3.0.0 <=3.30.0), @servable/parse-server-engine (>=1.6.0 <=1.17.0) +5 more potentially affected by CVE-2026-30850 via parse-server (=8.6.76)

parse-server NPM version =8.6.76 is affected by a known vulnerability. The following packages have a transitive dependency on parse-server and may be impacted: - @openinc/parse-server-opendash =3.0.0, =1.6.0, =1.0.0, =1.0.3, =2.0.0, =2.0.0, =0.0.1, =0.1.0 Source cves: CVE-2026-30850 Source...

@kontaa/subgraph (>=1.0.1 <=1.2.3), @kontaa/utils (>=1.2.1 <=1.2.3) +4 more potentially affected by CVE-2025-64430 via parse-server (>=5.6.0 <=6.5.11)

parse-server NPM version =5.6.0, =1.0.1, =1.2.1, =2.4.46, =1.0.0, =1.0.1, =1.0.23 - servable-publishable =1.1.0 Source cves: CVE-2025-64430 Source advisory: OSV:GHSA-X4QJ-2F4Q-R4RX...

CVE-2008-7200

Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors...

@servable/manifest (>=1.15.0 <=1.34.1), @servable/parse-server-engine (>=1.0.2 <=1.9.2) +4 more potentially affected by CVE-2024-56198 via path-sanitizer (=2.0.0)

path-sanitizer NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on path-sanitizer and may be impacted: - @servable/manifest =1.15.0, =1.0.2, =1.0.0, =1.0.1, =1.0.2, =1.0.3 - generator-servable =1.14.0 Source cves: CVE-2024-56198 Source...

Rapid SCADA 安全漏洞

Rapid SCADA is a full-featured SCADA software from Rapid SCADA Open Source. A security vulnerability exists in Rapid SCADA version 5.8.4, which originates in the file ScadaServerEngine/MainLogic.cs where CheckUser allows the use of empty passwords...

Lucee 5.4.2.17 Cross Site Scripting

Exploit Title: Lucee 5.4.2.17 - Authenticated Reflected XSS Google Dork: NA Date: 05/08/2023 Exploit Author: Yehia Elghaly Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version:...

Security Bulletin: Lack of path restriction may allow access to sensitive data stored on Information Server Engine (CVE-2012-4818)

Abstract Security Bulletin: Lack of path restriction may allow access to sensitive data stored on Information Server Engine CVE-2012-4818 Content VULNERABILITY DETAILS: CVE ID: CVE-2012-4818 DESCRIPTION: Whenever an Information Server client application such as InfoSphere DataStage and QualitySta...

Microsoft SQL Server RDBMS Engine Elevation of Privilege Vulnerability

Microsoft SQL Server is the United States Microsoft Microsoft company develops and maintains a set of applications in the Microsoft Windows system under the large commercial database system. An elevation of privilege vulnerability exists in the Microsoft SQL Server RDBMS engine. An attacker can...

Epic Games Unreal Tournament Server 436.0 Engine Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9840/info A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly sanitize user supplied network data...

Double free

Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors...

CVE-2008-7200

CVE-2008-7200 affects the Deliantra server engine prior to 2.4 . The issue is a double-free vulnerability in the server component, with the underlying cause described as memory mismanagement. The impact is listed as unknown in the provided descriptions, and no exploitation vectors or remediation ...

CVE-2008-7200

Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors...

Net::Server: Format string vulnerability

Background Net::Server is an extensible, generic Perl server engine. It is used by several Perl applications like Postgrey. Description The log function of Net::Server does not handle format string specifiers properly before they are sent to syslog. Impact By sending a specially crafted datastrea...