CVE-2026-2247

SQL injection vulnerability SQLi in Clicldeu SaaS, specifically in the generation of reports, which occurs when a previously authenticated remote attacker executes a malicious payload in the URL generated after downloading the student's report card in the ‘Day-to-day’ section from the mobile...

CVE-2025-8303 XSS in EKA Software's Real Estate Script V5 (With Doping Module – Store Module – New Language System)

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 With Doping Module – Store Module – New Language System allows Cross-Site Scripting XSS. This issue affects...

Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center

Overview Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945 Impact Regarding the impact of th...

CVE-2025-7631 Time-Based Blind SQLi in Tumeva Internet Technologies' Tumeva Prime News Software

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...

CVE-2025-7631

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...

CVE-2025-7631

CVE-2025-7631 affects Tumeva News Software (Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co.) through version 17022026. The issue is improper neutralization of special elements used in SQL commands (SQL Injection). CVSS 3.1: AV:N/AC:L/PR:N/UI:N/...

CVE-2025-7631 Time-Based Blind SQLi in Tumeva Internet Technologies' Tumeva Prime News Software

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection. This issue affects Tumeva Prime News Software:...

PT-2026-20244

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software is susceptible to cross-site request forgery, potentially enabling an attacker to perform unauthorized actions on behalf of a trusted user. The affected component is the Z hub...

PT-2026-20213

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software uses cryptographic algorithms that are not strong enough, potentially allowing an attacker to decrypt sensitive information. Recommendations Update to a version beyond 2.1.0. At...

Softland FBackup 后置链接漏洞

Softland FBackup is a Windows backup software developed by the Romanian company Softland. Versions of Softland FBackup 9.9 and earlier had a post-release link vulnerability. This vulnerability stemmed from improper handling of links in the backup/restore component, which could allow local...

PT-2026-20950

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.6 through 2026.2.13 Description The OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links lacking an unattended key, the application displays a confirmation dialog...

PT-2026-20301

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.5.6.12 Description Dell SmartFabric OS10 Software is affected by an issue related to improper neutralization of special elements used in a command, potentially leading to command execution. A...

PT-2026-8401

Name of the Vulnerable Software and Affected Versions Tumeva News Software versions through 17022026 Description The software contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential data exposure through attacks. The vend...

IBM Security QRadar EDR 代码问题漏洞

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are code-related vulnerabilities in versions 3.12 to 3.12.23 of IBM Security QRadar EDR. These vulnerabilities stem from the failure to invalidate sessions after they...

Linux Distros Unpatched Vulnerability : CVE-2026-23158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is...

Control Flow Reconstruction using HPCs

Affected Products and Mitigation Performance counters are not protected by Secure Encrypted Virtualization SEV, SEV-ES, or SEV-SNP. AMD has defined support for performance counter virtualization in APM Vol 2, section 15.39. Performance Monitoring Counters PMC virtualization, available on AMD...

Tumeva News Software SQL注入漏洞

Tumeva News Software is a news content management system developed by the Turkish company Tumeva. Versions of Tumeva News Software dated before 17022026 have a SQL injection vulnerability. This vulnerability arises from improper handling of special elements within SQL commands, which may lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-2574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - glib-networking - None CVE-2026-2574 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

CVE-2025-32092

Insecure inherited permissions for some IntelR Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege...

CVE-2025-31655

Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...