Oracle Linux 8 : mariadb-devel:10.3 (ELSA-2026-0698)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0698 advisory. asio 1.10.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild galera 25.3.37-1.0.1 - Bump release for rebuild - x8664 and i386 need to be built...

CVE-2025-22167

This High severity Path Traversal Arbitrary Write vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversal Arbitrary Write vulnerability, with a CVSS Score of 8.7, allows an attacker to modify any filesystem...

EUVD-2017-1259

Malware in sbrugna...

EUVD-2017-1261

Malware in sbrugna...

EUVD-2017-1270

Malware in sbrugna...

CVE-2025-39479 WordPress Smart Notification Plugin <= 10.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in smartiolabs Smart Notification allows Blind SQL Injection. This issue affects Smart Notification: from n/a through 10.3...

Grafana 10.2.x < 10.2.4 Incorrect Authorization

According to its self-reported version, the Grafana install hosted on the remote host is 9.5.x earlier than 9.5.16, or 10.0.x earlier than 10.0.11, or 10.1.x earlier than 10.1.7, or 10.2.x earlier than 10.2.4, or 10.3.x earlier than 10.3.3. It is, therefore, affected by a incorrect authorization...

Grafana 11.2.x < 11.2.1 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is 10.3.x earlier than 10.3.10, or 10.4.x earlier than 10.4.9, or 11.0.x earlier than 11.0.5, or 11.1.x earlier than 11.1.6, or 11.2.x earlier than 11.2.1. It is, therefore, affected by multiple vulnerabilities:...

CVE-2023-26262

An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management CM server...

CVE-2021-37197

A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS is vulnerable to SQL injections...

CVE-2020-13264

Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view Kubernetes cluster token...

CVE-2025-47930

Zulip Server vulnerability CVE-2025-47930 affects versions 10.0–10.2, where the access control for creating certain channel types can be bypassed by creating a private or web-public channel and then changing its privacy to public (and a similar method to create private channels without permission...

CVE-2025-47930 Zulip Server has access control bypass for restrictions on creation of specific channel types

Zulip is an open-source team chat application. Starting in version 10.0 and prior to version 10.3, the "Who can create public channels" access control mechanism can be circumvented by creating a private or web-public channel, and then changing the channel privacy to public. A similar technique...

Nakivo Backup & Replication 代码问题漏洞

Nakivo Backup & Replication is a reliable, fast and affordable virtual machine backup solution from Nakivo USA. A code issue vulnerability exists in Nakivo Backup & Replication versions 10.3.x through 11.0.1, which stems from an XXE vulnerability that allows remote attackers to obtain and parse a...

Ruijie Networks RG-NBR2600S 安全漏洞

Ruijie Networks RG-NBR2600S is a gateway device from Ruijie Networks China. A security vulnerability exists in Ruijie Networks RG-NBR2600S version 10.34b12, which stems from a lack of length validation, and a buffer overflow vulnerability that could cause a remote target device to crash or execut...

PT-2025-6382 · Ruijie · Ruijie Rg-Nbr2600S Gateway

Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBR2600S Gateway version 10.34b12 Description: The issue is related to a buffer overflow vulnerability due to the lack of length verification in the configuration of source address NAT rules. This can cause the remote target device ...

Ruijie Networks RG-NBR700GW 安全漏洞

Ruijie Networks RG-NBR700GW is an Internet Behavior Management router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks RG-NBR700GW version 10.34b12, which stems from a lack of cookie authentication when resetting the password, resulting in an administrator password...

PT-2024-10803 · Axigen · Axigen Mail Server

Name of the Vulnerable Software and Affected Versions: Axigen Mail Server versions 10.3.x through 10.3.1.26 Axigen Mail Server versions 10.3.2.x through 10.3.2.x Description: An issue in Axigen Mail Server allows unauthenticated attackers to submit a setAdminPassword operation request, setting a...

Grafana Labs Incorrect Authorization (CVE-2023-6152)

According to its self-reported version number, the version of Grafana Labs running on the remote host is a version 9.5.x prior to 9.5.16, 10.0.x prior to 10.0.11, 10.1.x prior to 10.1.7, 10.2.x prior to 10.2.4 or 10.3.x prior to 10.3.3. It is, therefore, affected by an incorrect authorization...

UBUNTU-CVE-2023-3424

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. A Regular Expression Denial of Service was possible via sending crafted payloads to the...