HCL BigFix Server 11.0.x < 11.0.6 Insufficient Authentication (KB0129906)

The version of HCL BigFix Server installed on the remote host is 11.0.x prior to 11.0.6. It is, therefore, affected by an insufficient authentication vulnerability: - HCL BigFix Platform is affected by insufficient authentication. The application might allow users to access sensitive areas of the...

IBM多款产品 代码问题漏洞

IBM Security Verify Access ISAM is a product of the American multinational company International Business Machines IBM. IBM Security Verify Access is a service that enhances user access security. IBM Verify Identity Access Container is a containerized software that provides authentication and...

IBM多款产品 环境问题漏洞

IBM Security Verify Access ISAM is a product of the American multinational company International Business Machines IBM. IBM Security Verify Access is a service that enhances user access security. IBM Verify Identity Access Container is a containerized software that provides authentication and...

CVE-2026-2844

Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Manipulation.This issue affects TimePictra: from 11.0 through 11.3 SP2...

EUVD-2026-9102

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2...

CVE-2026-3010 TimePictra Stored Cross-Site Scripting

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2...

CVE-2026-3010 TimePictra Stored Cross-Site Scripting

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2...

CVE-2026-1218

A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted is the function initRCForm of the file RichClientService.class of the component com.artery.richclient.RichClientService. Performing a manipulation results in xml external entity reference. The attack is possible to be carried...

Atlassian Jira Service Management Data Center and Server 11.0.x < 11.2.0 (JSDSERVER-16466)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16466 advisory. - The Spring Security annotation detection mechanism may not correctly resolve annotations on methods...

Bjskzy Zhiyou ERP code-related vulnerabilities

Bjskzy Zhiyou ERP is an enterprise resource planning software developed by Bjskzy in Beijing, China. Versions of Bjskzy Zhiyou ERP 11.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations on the com.artery.richclient.RichClientService component’s...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 11.1.0 and prior to 11.1.x, 11.0.5 and prior to 11.0.x, 10.12.3 and prior to 10.12.x, and 10.11.7 and prior to 10.11.x. The vulnerability stems fr...

CVE-2025-62190

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 and Mattermost Calls versions =1.10.0 fail to implement CSRF protection on the Calls widget page which allows an authenticated attacker to initiate calls and inject messages into channels or direct messages via a malicious...

CVE-2025-12756

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users...

Drupal 11.0.x < 11.1.9 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - Drupal Core has a rarely used feature, provided by an underlying library, which allows certain attributes of incoming HTTP requests to be overridden. - Drupal core contains a...

PT-2025-46946

Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11.0 Description Mattermost fails to correctly implement the "Allow users to view archived channels" setting. This allows regular users to access content and files within archived channels through the "Open in...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions prior to 11.0, which stems from a failure to properly implement a setting that allows users to view archived channels, which could result in a...

CVE-2025-22167

This High severity Path Traversal Arbitrary Write vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversal Arbitrary Write vulnerability, with a CVSS Score of 8.7, allows an attacker to modify any filesystem...

EUVD-2016-2575

Malware in sbrugna...

EUVD-2016-9049

Malware in sbrugna...

EUVD-2024-23012

Malicious code in bioql PyPI...