32 matches found
Astra Linux - vulnerability in qt4-x11, qtbase-opensource-src
An issue was discovered in Qt before version 5.15.15, in versions 6.x before 6.2.9, and in versions 6.3.x through 6.5.x before 6.5.1. When an SVG file containing an image is rendered, a QTextLayout buffer overflow can occur...
Astra Linux - vulnerability in libpng1.6
LIBPNG is a reference library used in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Starting from version 1.6.0 until 1.6.51, there was a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read, when processing...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.5.1
Logging for Red Hat OpenShift - 6.5.1 Red Hat OpenShift Logging 6.5.1 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...
CVE-2026-2630
CVE-2026-2630 is a command‑injection vulnerability affecting the Tenable Security Center. An authenticated, remote attacker could execute arbitrary code on the underlying server hosting Security Center. The CVSS metrics indicate network access, low attack complexity, and that privileges are requi...
PT-2026-7578
A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...
EulerOS 2.0 SP12 : libpng (EulerOS-SA-2026-1092)
According to the versions of the libpng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From...
HCL iAutomate security vulnerability
HCL iAutomate is a powerful and intelligent runbook automation product from HCL India. A security vulnerability exists in HCL iAutomate version v6.5.1 and v6.5.2, which stems from using the HTTP GET method to process a request and including sensitive information in the query string, which could...
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.2.1
R1 Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.2.1 Jason Schavel Tue, 09/30/2025 - 12:32 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components SimpleSAML was found to...
CVE-2025-57797
Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command...
CVE-2022-21591
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: UI Infrastructure. Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2022-39409
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Business Process Automation. Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...
PT-2024-33283 · Znuny +1 · Znuny +1
Name of the Vulnerable Software and Affected Versions: Znuny versions prior to 6.5.1 through 6.5.10 Znuny versions 7.0.1 through 7.0.16 Description: The issue allows for XSS, where JavaScript code in the short description of the SLA field in Activity Dialogues is executed. Recommendations: For...
WordPress plugin wp-affiliate-platform security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-27629
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Paul Ryley Site Reviews plugin = 6.5.1 versions...
PT-2023-4689
Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.15.14 Qt versions 6.0.x through 6.2.x before 6.2.9 Qt versions 6.3.x through 6.5.x before 6.5.1 Description The issue is related to the QtSvg QSvgFont function in the Qt framework, which can be exploited to bypass...
SUSE CVE-2018-1000845
DO NOT USE THIS CANDIDATE NUMBER. ConsultID: CVE-2017-6519. Reason: This candidate is a duplicate of CVE-2017-6519. Notes: All CVE users should reference CVE-2017-6519 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
PT-2022-27313 · Interspire · Interspire Email Marketer
Name of the Vulnerable Software and Affected Versions: Interspire Email Marketer versions 6.5.1 and earlier Description: The issue allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the...
CVE-2022-39420
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Data, Functional Security. Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...