1850 matches found
CVE-2024-54448
CVE-2024-54448 concerns the LogicalDOC Automation Scripting feature, which an attacker with admin privileges or granted access can abuse to execute arbitrary commands on the web server hosting LogicalDOC. The vulnerability enables remote code execution on the underlying operating system via the A...
Is Your Cloud App Server Secure? Best Practices for Data Protection
Almost every company nowadays depends on cloud computing since it is a necessary tool in the world of…
2025-03 .NET 9.0.3 Security Update for x64 Server (KB5054230)
2025-03 .NET 9.0.3 Security Update for x64 Server KB5054230...
Local File Inclusion in Rack::Static
Summary Rack::Static can serve files under the specified root: even if urls: are provided, which may expose other files under the specified root: unexpectedly. Details The vulnerability occurs because Rack::Static does not properly sanitize user-supplied paths before serving files. Specifically,...
Linux Distros Unpatched Vulnerability : CVE-2023-32681
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...
MGASA-2025-0086 Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities
Use-after-free of the root cursor. CVE-2025-26594 Buffer overflow in XkbVModMaskText. CVE-2025-26595 Heap overflow in XkbWriteKeySyms. CVE-2025-26596 Buffer overflow in XkbChangeTypesOfKey. CVE-2025-26597 Out-of-bounds write in CreatePointerBarrierClient. CVE-2025-26598 Use of uninitialized point...
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in the lack of security measures for the website structure, allowing attackers to carry out cross-site scripting (XSS) attacks.
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
DSA-5872-1 xorg-server - security update
Bulletin has no description...
python311-jupyter-server-2.14.2-3.1 on GA media (moderate)
python311-jupyter-server-2.14.2-3.1 on GA media Announcement ID: openSUSE-SU-2025:14845-1 Rating: moderate Cross-References: CVE-2022-29241 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2025:0734-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0734-1 advisory. - CVE-2025-26594: Use-after-free of the root cursor bsc1237427. - CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. -...
Mautic allows Relative Path Traversal in assets file upload
Summary This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
SUSE-SU-2025:0733-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2025-26594: Use-after-free of the root cursor bsc1237427. - CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. - CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. - CVE-2025-26597: Buffer overflow in...
SUSE-SU-2025:0732-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2025-26594: Use-after-free of the root cursor bsc1237427. - CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. - CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. - CVE-2025-26597: Buffer overflow in...
GHSA-3VX9-2CH5-M6R6 vulnerabilities
Vulnerabilities for packages: mysql...
PT-2025-7814 · WordPress · Everest Forms
Name of the Vulnerable Software and Affected Versions: Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress versions 3.0.9.4 and earlier Description: The issue is related to arbitrary file upload, read, and deletion due to missing file type and path...
Security Updates for Microsoft SQL Server (July 2024)
The Microsoft SQL Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2024-20701,...
CVE-2025-27098
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
Hitachi Vantara Pentaho Business Analytics Server Security Vulnerability
Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from the presence of an incorrect authorizati...
Apache Doris Path Traversal Vulnerability
Apache Doris is a modern MPP analytic database product of the U.S. Apache Apache Foundation. Can provide sub-second queries and efficient real-time data analysis. Apache Doris suffers from a path traversal vulnerability that stems from the program's failure to properly filter special elements in...
CBL Mariner 2.0 Security Update: rabbitmq-server (CVE-2023-50966)
The version of rabbitmq-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50966 advisory. - erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of...