
19 matches found

Cvelist
added 2026/03/25 9:22 p.m. · 18 views

CVE-2025-14684 IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

CVSS 4 · EPSS 0.00006
Exploits 0 · References 1

CVE
added 2026/03/25 9:22 p.m. · 5 views

CVE-2025-14684

CVE-2025-14684 affects IBM Maximo Application Suite - Monitor Component. Root cause: improper neutralization of special elements when written to log files, enabling log forgery. Affected versions: Monitor Component 8.10, 8.11, 9.0, 9.1. Remediation/fixes: update to Monitor Component versions 8.10...

CVSS 4 · AI score 5.8 · EPSS 0.00006
Exploits 0 · References 1 · Affected Software 1

RedhatCVE
added 2026/03/01 1:43 a.m. · 2 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

CVSS 9.8 · AI score 6 · EPSS 0.00038
Exploits 1 · References 1

NVD
added 2026/02/27 10:16 p.m. · 4 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

CVSS 9.8 · EPSS 0.00038
Exploits 1 · References 1

OSV
added 2026/02/27 9:49 p.m. · 3 views

CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

CVSS 9.8 · AI score 6 · EPSS 0.00038
Exploits 1 · References 3

CNNVD
added 2026/02/27 12:0 a.m. · 3 views

WeGIA security vulnerability

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.5 contained security vulnerabilities. These vulnerabilities stemmed from the adicionar_tipo_docs_atendido.php script not being processed through a central...

CVSS 9.8 · AI score 5.8 · EPSS 0.00038
Exploits 1 · References 2

Positive Technologies
added 2026/02/27 12:0 a.m. · 3 views

PT-2026-22411

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.6.5 Description: WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the adicionar_tipo_docs_atendido.php script does not utilize the project’s central controller and lacks appropriate...

CVSS 9.8 · AI score 5.9 · EPSS 0.00038
Exploits 1 · References 13

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-40540

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.6 · EPSS 0.00233
Exploits 0 · References 1

SUSE Linux
added 2025/09/18 4:36 a.m. · 1 views

Security update for cups

This update for cups fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. CVE-2025-58060: no password check when AuthType is se...

CVSS 9.3 · AI score 8.3 · EPSS 0.36802
Exploits 16 · References 14

Positive Technologies
added 2023/06/02 12:0 a.m. · 4 views

PT-2023-22377 · Unknown · Bt21 X Bts Wallpaper

Name of the Vulnerable Software and Affected Versions: BT21 x BTS Wallpaper app version 12 for Android Description: The issue allows unauthorized applications to request permission to insert data into the database that records user personal preferences. This data is loaded into memory when the...

CVSS 5.5 · AI score 7.2 · EPSS 0.00161
Exploits 1 · References 8

NVD
added 2023/01/05 7:15 a.m. · 9 views

CVE-2022-37933

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware...

CVSS 7.8 · AI score 7.3 · EPSS 0.00233
Exploits 0 · References 1

Prion
added 2023/01/05 7:15 a.m. · 13 views

Code injection

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware...

CVSS 4.3 · AI score 7.6 · EPSS 0.00233
Exploits 0 · References 1 · Affected Software 2

CVE
added 2023/01/03 6:31 p.m. · 50 views

CVE-2022-37933

HPE Superdome Flex and Superdome Flex 280 servers are affected by CVE-2022-37933. Affects: HPE Superdome Flex firmware 3.60.50 and below; HPE Superdome Flex 280 firmware 1.40.60 and below. Issue causes local unauthorized data injection. Remediation: upgrade to firmware versions above 3.60.50 (for...

CVSS 7.8 · AI score 7.5 · EPSS 0.00233
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2023/01/03 12:0 a.m. · 2 views

PT-2023-13558 · Hewlett Packard · Hpe Superdome Flex +1

Name of the Vulnerable Software and Affected Versions: HPE Superdome Flex versions 3.60.50 and below HPE Superdome Flex 280 servers versions 1.40.60 and below Description: A potential security issue has been identified in HPE Superdome Flex and Superdome Flex 280 servers, which could allow local...

CVSS 7.8 · AI score 7.4 · EPSS 0.00233
Exploits 0 · References 3

NVD
added 2022/07/08 1:15 p.m. · 12 views

CVE-2022-28623

Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SS...

CVSS 9.8 · EPSS 0.00608
Exploits 0 · References 1

Cvelist
added 2022/07/08 12:39 p.m. · 12 views

CVE-2022-28623

Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SS...

AI score 10 · EPSS 0.00608
Exploits 0 · References 1

CVE
added 2022/07/08 12:39 p.m. · 61 views

CVE-2022-28623

HPE IceWall SSO 10.0 certd library contains a remote SQL injection/unauthorized data injection vulnerability (CVE-2022-28623). The issue affects the certd component and is mitigated by Patch 9 for both RHEL and HP-UX releases.

CVSS 9.8 · AI score 9.9 · EPSS 0.00608
Exploits 0 · References 1 · Affected Software 1

NVD
added 2021/05/11 8:15 p.m. · 17 views

CVE-2020-26143

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration...

CVSS 6.5 · EPSS 0.004
Exploits 0 · References 8

RedhatCVE
added 2020/04/14 10:33 p.m. · 35 views

CVE-2020-2816

A flaw was found in the TLS/SSL implementation in the JSSE component of OpenJDK, where it did not properly handle application data packets received before the handshake completion. This flaw allowed unauthorized injection of data at the beginning of a TLS session...

CVSS 5 · AI score 3 · EPSS 0.00535
Exploits 0 · References 3