9 matches found
PT-2026-46068
Name of the Vulnerable Software and Affected Versions Active IQ Config Advisor version 6.7.3 Description Hard-coded credentials exist within the software, which could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. Recommendations At the moment,...
EUVD-2026-30175
CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw into the Invoice Editor. The next time any admin clicks Print on any order, the rendered template is written to files/print..php. files/.htaccess ships an explicit allow from all...
PT-2026-40814
Name of the Vulnerable Software and Affected Versions CubeCart versions prior to 6.7.3 Description An administrator with documents edit permission can save raw PHP code into the Invoice Editor. When any administrator clicks Print on an order, the rendered template is written to files/print..php...
Interpretation Conflict
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Interpretation Conflict via the file upload process. An attacker can cause files to be served with an unintended Content-Typ...
CVE-2026-27888
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...
CVE-2025-64223
CVE-2025-64223 affects the WordPress PenNews plugin/theme and is a PHP Local File Inclusion vulnerability caused by improper control of the filename for include/require. The issue affects PenNews versions older than 6.7.3. Metrics indicate a high-severity impact (CVSS 3.1: base score 8.1) with ne...
DEBIAN-CVE-2022-50673
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4orphancleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in listaddvalid+0x28/0x1a0 Read of size 8 at addr...
PT-2024-28743
Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.15.18 Qt versions 6.x prior to 6.2.13 Qt versions 6.3.x through 6.5.x prior to 6.5.7 Qt versions 6.6.x through 6.7.x prior to 6.7.3 Description An issue was discovered in HTTP2 in Qt where code to make security-relevant...
UBUNTU-CVE-2020-12458
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information e.g., cleartext or encrypted datasource passwords...