40 matches found
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 are affected by CVE-2026-1274, a Bypass Business Logic vulnerability in the access management control panel (CWE-840). The IBM bulletin lists the affected versions and provides version-specific fixes via Fix Central bundles for 12.0, 12.1, and 12....
Heap-based Buffer Overflow
Overview: Magick.NET-Q16-HDRI-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
CVE-2026-5413
A vulnerability was identified in Newgen OmniDocs up to 12.0.00. Affected by this vulnerability is an unknown functionality of the file /omnidocs/GetWebApiConfiguration. The manipulation of the argument connectionDetails leads to information disclosure. The attack is possible to be carried out...
PT-2026-29866
Name of the Vulnerable Software and Affected Versions: Newgen OmniDocs versions up to 12.0.00. Description: A security flaw exists in Newgen OmniDocs up to version 12.0.00. The issue involves improper control of resource identifiers due to manipulation of the DocumentId argument within the...
CVE-2025-14289
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
CVE-2025-14289
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection in the Security > Claims UI (CVE-2025-14289). A remote attacker could inject malicious HTML that executes in the victim’s browser within the hosting site’s security context. Root cause: improper neutralization of script-rel...
IBM webMethods Integration Server security vulnerability
IBM webMethods Integration Server is an application connector from International Business Machines (IBM). An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...
PT-2026-2376
Name of the Vulnerable Software and Affected Versions: Wondershare Dr.Fone version 12.0.18. Description: Wondershare Dr.Fone version 12.0.18 contains an unquoted service path issue. This allows local users to execute arbitrary code with elevated system privileges. The misconfigured service path can ...
CVE-1999-0445
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters...
Exploit for CVE-2025-12097
CVE-2025-12097 Description NI modification of Appweb serv...
CVE-2025-67538 WordPress JNews Gallery plugin < 12.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews Gallery (jnews-gallery) allows Stored XSS. This issue affects JNews Gallery: from n/a through 12.0.1...
PT-2025-49158
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.11.4; WatchGuard Fireware OS versions 2025.1 through 2025.1.2. Description: A memory corruption issue exists in WatchGuard Fireware OS. An unauthenticated attacker can potentially cause a Denial of...
CVE-2025-51733
Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0...
CVE-2025-51734
Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0...
CVE-2025-51735
CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0...
PT-2025-43535
Name of the Vulnerable Software and Affected Versions: Piranha CMS versions 12.0 and 12.1. Description: A stored cross-site scripting (XSS) issue exists in the /manager/pages component of Piranha CMS. This allows attackers to execute arbitrary web scripts or HTML by creating a page and injecting a...
CVE-2024-25532
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the btid parameter at /include/getdict.aspx...
ses's global contour bindings leak into Compartment lexical scope
Impact: Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a <script> tag will have inadvertently revealed these bindings in the lexical scope...
TYPO3 security vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 that stems from a cross-site request forgery vulnerability in the back-end user interface deep linking functionality, which allows an attacker to...
AXIS OS security vulnerability
AXIS OS is an edge device operating system from Axis Sweden. A security vulnerability exists in AXIS OS versions 9.80 through 12.0, which stems from susceptibility to a race condition attack that can be exploited by an attacker to block access to the override configuration page in the Axis...