14 matches found
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error in the OIDC discovery process when the X-Forwarded-Host header is not validated and no allowed-hosts list is configured. An attacker can manipulate the issuer and JWKS URI in the discovery document by supplying a...
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
GHSA-939R-RJ45-G2RJ OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins
Summary Workspace provider auth choices could auto-enable untrusted provider plugins. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact Non-interactive onboarding could select a provider auth choice shadowed by an untrusted workspace plugin,...
Security Bulletin: Multiple vulnerabilities in IBM webMethods Integration Server
Summary Multiple vulnerabilities were addressed in IBM webMethods Integration Server fixes. Vulnerability Details CVEID:CVE-2025-49128 DESCRIPTION: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version...
PT-2025-53586
Name of the Vulnerable Software and Affected Versions IBM Aspera Faspex 5 versions 5.0.0 through 5.0.14.1 Description The software may have inconsistent permissions between the user interface and backend API. This could allow users to access features that appear disabled, potentially leading to...
PT-2025-34798
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.13-28 ImageMagick versions prior to 7.1.2-2 Description: ImageMagick is software used for editing and manipulating digital images. A format string bug exists in the InterpretImageFilename function where user...
CVE-2022-39395
Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to...
Release Information for Veeam Backup & Replication 12.3
Requirements You can check the installed build number in the Veeam Backup & Replication Console's Main Menu ≡ under Help About. Release Information 12.3.2.4854 2026-06-08 Security Vulnerabilities CVE-2026-44963 | Severity: Critical 9.4 A vulnerability allowing remote code execution RCE on the...
PT-2024-2730
Name of the Vulnerable Software and Affected Versions Apache Commons Compress versions 1.3 through 1.25.0 Bamboo Data Center and Server versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 Confluence Data Center and Server version 7.14 Description The issue is related to a Loop with Unreachable...
Command Execution Vulnerability in Tplay Backend
Tplay is a backend management framework based on ThinkPHP 5.0.13 + layui2.2.45 + Mysql development, PHP version required to upgrade to 5.5. A command execution vulnerability exists in Tplay backend. An attacker can exploit this vulnerability to gain server privileges...
Release Information for Veeam Agent for Oracle Solaris 2.0
Requirements Upgrade from v1 is not supported, clean installation is required. Upgrade from Veeam Agent for Solaris 2.0 RTM build 2.0.0.123 is possible. Please confirm that you are running version 2.0.0.123 or later prior to upgrading. You can check this using veeamconfig --version in Oracle...
OPENSUSE-SU-2019:0208-1 Security update for runc
This update for runc fixes the following issues: Security vulnerablities addressed: - CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container breakout bsc1121967 - CVE-2018-16873: Fix a remote command executi...
How to Perform a Partial Site Upgrade in NetScaler SD-WAN 10.0
NetScaler SD-WAN 10.0 has been designed to accommodate large scale deployments, with the capability of supporting up to 2500 sites. The partial site upgrade feature is one enhancement that will accommodate such large scale deployments. This feature allows administrators to stage upgrades at...
SCVMM 2008 R2 Server (64 bit)
This detects if the Microsoft System Center Virtual Machine Manager 2008 R2 Server product is installed. Also detects that the VMMService is installed this is not installed if "/prep" option is given at setup. This update should not be offered if the VMMService is not installed, only after the...