38 matches found
CVE-2026-48209
OTRS Community Edition 7.0.x is vulnerable to reflected XSS due to improper neutralization of user-controllable input in ticket handling. Attackers who are authenticated can exploit crafted request parameters in ticket actions to inject JavaScript via manipulated request URLs, executing code in t...
CVE-2026-9357
Technical details are not publicly available in the provided documents. The connected docs only reiterate a login-related XSS in vBulletin 6.x without specifics on vulnerable components, versions, or remediation. Monitor for updates.
EUVD-2026-24610
Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator separately, for example by calling setJwtValidator. This issue affects Spring Security: from 6.3.0 through 6.3.14, from...
Exploit for CVE-2016-1057
This is a PoC exploit for CVE-2016-1057, a remote jailbreak for MikroTik's RouterOS. The exploit targets devices running v6.x.x and allows for remote code execution. The vulnerability exists on other device versions as well, but the exploit only supports v6.x.x. The exploit script is designed to...
Linux Distros Unpatched Vulnerability : CVE-2016-2496
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2016-0834
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2016-3752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - internal/app/ChooserActivity.java in the ChooserTarget service in Android 6.x before 2016-07-01 mishandles target security checks, which allows attackers to gai...
Linux Distros Unpatched Vulnerability : CVE-2019-5737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by...
CVE-2024-26309
Archer Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disclosure vulnerability. An unauthenticated attacker could potentially obtain access to sensitive information via an internal URL...
Archer Platform Security Vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform version 6.x prior to 6.13 P2 (6.13.0.2) that stems from the presence of an HTML content injection vulnerability...
Archer Platform Security Vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability in Archer Platform version 6.x prior to 6.14 P1 HF2 (6.14.0.1.2) stems from a vulnerability that allows an authenticated attacker to bypass authorization checks by manipulating a user request ...
PT-2023-30867 · Rsa · Archer Platform
Name of the Vulnerable Software and Affected Versions: Archer Platform versions 6.x through 6.13 P2 (6.13.0.2) Description: The issue allows a remote authenticated malicious Archer user to store malicious HTML code in a trusted application data store. When victim users access the data store through...
Vulnerabilities fixed in VMware Aria Operations Networks
VMware has fixed vulnerabilities in Aria Operations Networks, formerly known as vRealize Network Insight. A malicious party could exploit the vulnerabilities to bypass authentication, or to execute arbitrary code on the underlying system. The most serious vulnerability has been given attribute...
VMware Aria Operations Code Issue Vulnerability
VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations Networks version 6.x series, which can be exploited by an attacker to perform...
Qt Trust Management Issue Vulnerability
Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...
Archer Platform Security Vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform versions 6.x through 6.11 that stems from an issue with permission restrictions in the REST API. An authenticated, remote malicious user could exploit this...
RSA Archer Security Vulnerability
RSA Archer is an enterprise IT governance and compliance governance product from RSA UK, including policy, risk and compliance definition and management. It is able to aggregate all of our enterprise assets, as well as some of the monitored information, and organize it into a unified platform,...
RSA Archer Cross-Site Scripting Vulnerability
RSA Archer is an enterprise IT governance and compliance governance product from RSA UK, including policy, risk and compliance definition and management. A cross-site scripting vulnerability exists in Archer versions 6.x inclusive through 6.9.3.0 inclusive. A remote attacker could exploit the...
PT-2021-7652
Name of the Vulnerable Software and Affected Versions: Aviatrix Controller versions 6.x through 6.5-1804.1921 Description: The issue is related to an unrestricted upload of a file with a dangerous type, allowing an unauthenticated user to execute arbitrary code via directory traversal. This can be...
DEBIAN-CVE-2021-36091
Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG OTRS Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27...