PT-2026-35943

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter...

EUVD-2025-209591

A stored cross-site scripting XSS vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter...

pypdf: Manipulated XMP metadata entity declarations can exhaust RAM

Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. Patches This has been fixed in pypdf==6.10.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3724...

WordPress plugin Uncanny Automator 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Uncanny Automator, which...

WordPress Uncanny Automator plugin < 6.10.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Uncanny Automator versions 6.10.0...

PT-2024-29818 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0 Description: The Linux kernel has a vulnerability in the btrfs buffered write path, which runs through extent writepage and has tricky return value handling for writepage delalloc. When writepage delalloc...

PT-2024-13839 · Logpoint · Logpoint Siem

Name of the Vulnerable Software and Affected Versions: Logpoint SIEM versions 6.10.0 through 7.x before 7.3.0 Description: The Jinja templating in Logpoint SIEM does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a...

CVE-2021-34610

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...

CVE-2021-34611

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...