Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS software allo...
Dell Unisphere for PowerMax Security Vulnerability
Dell Unisphere for PowerMax is a graphical management platform developed by the American company Dell. Version 10.2 of Dell Unisphere for PowerMax contains a security vulnerability. This vulnerability stems from external control over file names or paths, which could lead to the deletion of any fi...
Dell Unisphere for PowerMax Security Vulnerability
Dell Unisphere for PowerMax is a graphical management platform developed by the American company Dell. Version 10.2 of Dell Unisphere for PowerMax contains a security vulnerability. This vulnerability stems from external control over file names or paths, which could lead to information leakage...
Dell Unisphere for PowerMax Security Vulnerability
Dell Unisphere for PowerMax is a graphical management platform developed by the American company Dell. Version 10.2 of Dell Unisphere for PowerMax contains a security vulnerability. This vulnerability stems from external control over file names or paths, which may lead to the overwriting of any...
Palo Alto Networks PAN-OS 10.2.x < 10.2.17 / 11.1.x < 11.1.6-h21 / 11.1.7-10.x < 11.1.10-h7 / 11.2.x < 11.2.8 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.17, 11.1.x prior to 11.1.6-h21, 11.1.7-10.x prior to 11.1.10-h7, or 11.2.x prior to 11.2.8. It is, therefore, affected by a vulnerability. An improper input neutralization vulnerability in the management w...
EUVD-2025-32587
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11344
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
EUVD-2022-0535
Malicious code in bioql PyPI...
EUVD-2021-8654
Malicious code in bioql PyPI...
EUVD-2025-26077
Malicious code in bioql PyPI...
CVE-2025-34522
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...
CVE-2025-34520 Arcserve UDP < 10.2 Authentication Bypass
An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...
CVE-2025-34522
Arcserve UDP contains a pre-auth heap-based buffer overflow in its input parsing logic (UDP
Grafana 10.2.x < 10.2.4 Incorrect Authorization
According to its self-reported version, the Grafana install hosted on the remote host is 9.5.x earlier than 9.5.16, or 10.0.x earlier than 10.0.11, or 10.1.x earlier than 10.1.7, or 10.2.x earlier than 10.2.4, or 10.3.x earlier than 10.3.3. It is, therefore, affected by an incorrect authorization...
CVE-2021-37197
A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS is vulnerable to SQL injections...
Drupal Security Vulnerability
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal versions 8.0.X prior to 10.1.8 and 10.2.X prior to 10.2.2, which stems from a vulnerability that allows for over-allocation...
CVE-2024-7477 Avaya Aura System Manager SQL injection vulnerability
A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer...
PT-2024-38374 · Avaya · Avaya Aura System Manager
Name of the Vulnerable Software and Affected Versions: Avaya Aura System Manager versions 10.1.x.x through 10.2.x.x Description: An improper access control issue was found in Avaya Aura System Manager, allowing a command-line interface user with administrative privileges to read arbitrary files o...
WordPress Salon Booking System plugin <= 10.2 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Gibran Abdillah in WordPress Plugin Salon booking system versions <= 10.2...
Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI
Summary: There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component coul...