Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006)

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...

BIT-JRE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

PT-2026-37893

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2025-13774 SQL injection leading to privilege escalation in Progress Flowmon ADS

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands...

Linux Distros Unpatched Vulnerability : CVE-2025-13013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and...

Linux Distros Unpatched Vulnerability : CVE-2020-13276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1 CVE-2020-13276...

SUSE CVE-2020-2654

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

PT-2020-13403 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.9 through 13.0.1 Description: The issue allows for client-side code injection through Mermaid markup, enabling a specially crafted Mermaid payload to send PUT requests on behalf of other users via clicking on a link...

Red Hat Ceph Denial of Service Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure based on POSIX Portable Operating System Interface so that data can be fault-tolerant and seamlessly replicated...