9 matches found
Zoom Workplace < 6.5.0 Vulnerability (ZSB-25036)
The version of Zoom Workplace installed on the remote host is prior to 6.5.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25036 advisory. - Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosur...
OpenText Advanced Authentication 安全漏洞
OpenText Advanced Authentication is an advanced authentication framework from OpenText Canada. A security vulnerability exists in OpenText Advanced Authentication version 6.5.0 and earlier, which originates from a malicious browser plug-in that can record and replay the user authentication proces...
SUSE CVE-2025-47287
Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs,...
UBUNTU-CVE-2025-47287
Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs,...
CVE-2025-47287 Tornado vulnerable to excessive logging caused by malformed multipart form data
Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs,...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop Product Catalog CSV, Excel Import prior to version 6.5.0, which stems from a...
RakRak Document Plus vulnerable to path traversal
Overview RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability CWE-22. Asato Masamu of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
CVE-2020-17465
Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS. The vulnerability affects versions 6.5.0.4, 6.0.0.6...
BlackBerry QNX Software Development Platform Information Disclosure Vulnerability (CNVD-2019-23834)
BlackBerry QNX Software Development Platform is a suite of QNX software development platforms from BlackBerry Canada. The platform is mainly used to develop software based on the QNX platform. An information disclosure vulnerability exists in BlackBerry QNX Software Development Platform 6.5.0 SP1...