68 matches found
Advisory ROSA-SA-2026-3306
Component: PHP 7.4.33 OS: ROSA-CHROME Affected versions: = php-7.4.33-13 Affected versions: php-7.4.33-13 CVE-ID: CVE-2024-5458 BDU-ID: 2024-04846 CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability in the filtervar function of the PHP interpreter involves insufficient validation of data...
EUVD-2026-33550
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
OTRS 安全漏洞
OTRS is a service management solution developed by the German company OTRS. There is a security vulnerability in OTRS, which stems from an issue with the SQL Box component where resource consumption is uncontrolled, potentially leading to denial-of-service attacks against web servers. The followi...
CVE-2024-53252
creationtimestamp| type| source ---|---|--- 2026-01-22 11:21:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcz2yblmdo2t...
CVE-2024-2484
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Services and Post Type Grid widgets in all versions up to, and including, 2.10.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs
Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU with CVEs CVE-2024-21217, CVE-2024-21208, CVE-2024-10917, CVE-2024-9143 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Fedora: Security Advisory (FEDORA-2024-f247f05e2e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-6746
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input...
CVE-2024-27362
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure...
CVE-2024-13931 Authenticated Relative Path Traversal
Relative Path Traversal vulnerabilities in ASPECT allow access to file resources if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...
CVE-2025-22458
DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System...
CVE-2024-21116
creationtimestamp| type| source ---|---|--- 2025-03-19 18:19:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8104...
CVE-2024-22064
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connectionIKE with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the...
CVE-2024-22360
creationtimestamp| type| source ---|---|--- 2025-02-01 17:28:11+00:00| seen| Telegram/aZnqd84Govqe71AbRZsQ2bt7s41B2w-crbNIzBIZHhsCzlz 2025-02-27 20:25:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5780...
GHSA-RJ9M-QF65-F5GG
creationtimestamp| type| source ---|---|--- 2024-12-31 15:17:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113748100084170494...
CVE-2024-56235
creationtimestamp| type| source ---|---|--- 2024-12-31 10:41:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113747013095469324 2024-12-31 12:52:11+00:00| seen| https://t.me/cvedetector/13988...
AZL-54692 CVE-2024-56738 affecting package grub2 2.06-16
GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...
CVE-2024-56549
creationtimestamp| type| source ---|---|--- 2024-12-27 14:19:38+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lec6nljrqw22 2024-12-27 15:59:50+00:00| seen| https://t.me/cvedetector/13746...
CVE-2024-12032
creationtimestamp| type| source ---|---|--- 2024-12-25 03:24:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113711319937158435 2024-12-25 04:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le43xhu7nl2f 2024-12-25 06:17:23+00:00| seen|...