20850 matches found
CVE-2025-12530
IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
EUVD-2025-210383
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling...
CVE-2026-44160 vulnerabilities
Vulnerabilities for packages: ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.3-fluentd-kubernetes-daemonset...
EUVD-2025-210382
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
EUVD-2025-210379
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-36333
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow...
CVE-2025-36336
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.3: ruby3.3-3.3.10-23.2.hum1 (aarch64, x86_64); ruby3.3-bundled-gems-3.3.10-23.2.hum1 (aarch64, x86_64); ruby3.3-default-gems-3.3.10-23.2.hum1 (noarch); ruby3.3-devel-3.3.10-23.2.hum1 (aarch64, x86_64)...
CVE-2026-48286
Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-48286
Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could permit arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the impact is limited to the use...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.4: ruby3.4-3.4.8-31.2.hum1 (aarch64, x86_64); ruby3.4-bundled-gems-3.4.8-31.2.hum1 (aarch64, x86_64); ruby3.4-default-gems-3.4.8-31.2.hum1 (noarch); ruby3.4-devel-3.4.8-31.2.hum1 (aarch64, x86_64)...
CVE-2026-14178
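When openGauss processes a totimestamp call that carries an NLS parameter, totimestampwithfmtnls saves nlsfmtstr to usess-parsercxt.nlsfmtstr. On the seqscan + sort execution path, this string was originally allocated in the SeqScan expression context; once SeqScan completes, that memory context is reset, but the later result-output stage timestampout still accesses usess-parsercxt.nlsfmtstr through CheckNlsFormat, resulting in access to freed memory. An attacker with SQL execution privileges on the database can construct specific...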
EUVD-2026-40326
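When openGauss processes a totimestamp call that carries an NLS parameter, totimestampwithfmtnls saves nlsfmtstr to usess-parsercxt.nlsfmtstr. On the seqscan + sort execution path, this string was originally allocated in the SeqScan expression context; once SeqScan completes, that memory context is reset, but the later result-output stage timestampout still accesses usess-parsercxt.nlsfmtstr through CheckNlsFormat, resulting in access to freed memory. An attacker with SQL execution privileges on the database can construct specific...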
CVE-2026-6953
CVE-2026-6953 describes an HTML injection in Intermark IT's WebControl CMS v3.5. The vulnerability allows an attacker to send HTML-containing content to a victim via the contact form by crafting a request to /processContact.do with parameters such as nombreApellidos, dirección, and comentarios. A...
Giga Messenger WordPress - Cross-Site Scripting
Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting vulnerability caused by a lack of sanitization and escaping of a parameter before it is output in the page, letting attackers execute malicious scripts in the context of high-privilege users. Exploitation requires the attacker to craft a...
ROOT-OS-DEBIAN-13-CVE-2026-53106 CVE-2026-53106 in rootio-linux - Patched by Root
Root has patched CVE-2026-53106 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
GHSA-HC7R-6254-88W5 vulnerabilities
Vulnerabilities for packages: py3-systemd...
Security update for google-cloud-sap-agent (important)
openSUSE security update: security update for google-cloud-sap-agent
Announcement ID: openSUSE-SU-2026:21010-1
Rating: important
References: bsc1265764 bsc1265991 bsc1266604
Cross-References: CVE-2026-33186 CVE-2026-33814 CVE-2026-3498...
CVE-2026-13763
creationtimestamp | type | source
---|---|---
2026-06-29 22:45:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mphkvs6ply2x
2026-06-29 23:29:04+00:00 | seen | https://bsky.app/profile/qiancx.bsky.social/post/3mphndjd77w2u
2026-06-29 23:29:04+00:00 | seen | ...
CVE-2026-55956
creationtimestamp | type | source
---|---|---
2026-06-29 22:38:43+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3mphkji2ejb2s
2026-06-29 23:02:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mphltgcvtn24
2026-06-29 23:19:22+00:00 | seen | ...