CVE-2026-2253 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Restriction of XML External Entity Reference

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities...

Security Bulletin: IBM DataPower Gateway vulnerable to Prototype Pollution

Summary The affected package is used by the DataPower UI Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable via the mergeDeep, mergeDeepWit...

EUVD-2025-23933

Malicious code in bioql PyPI...

EUVD-2025-23935

Malicious code in bioql PyPI...

CVE-2025-54394

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources...

CVE-2025-54397

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users...

CVE-2025-54396

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this...

CVE-2025-54395

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data...

CVE-2025-54394

Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources...

CVE-2025-54392

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 is affected by CVE-2025-54392, a cross-site scripting (XSS) vulnerability in authentication error data. The issue affects the authentication error handling pathway and is documented as a distinct vulnerability from...

CVE-2025-47748

Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password...

Netwrix Directory Manager 安全漏洞

Netwrix Directory Manager is a group and user management software from Netwrix. A security vulnerability exists in Netwrix Directory Manager v.11.0.0.0 and prior and subsequent v.11.1.25134.03 versions, which stems from a lack of authentication for critical functions...

IObit Driver Booster 代码问题漏洞

IObit Driver Booster is a driver updater from IObit. A code issue vulnerability exists in IObit Driver Booster version 11.0.0.0, which stems from an unknown operation in the VCL120.BPL library that can lead to uncontrolled search paths...

PT-2024-38268 · Iobit · Iobit Driver Booster

Name of the Vulnerable Software and Affected Versions: IObit Driver Booster version 11.0.0.0 Description: A critical issue affects some unknown functionality in the library VCL120.BPL of the component BPL Handler, leading to an uncontrolled search path. The manipulation requires a local attack. T...

Dell OpenManage Server Administrator Access Control Error Vulnerability

Dell OpenManage Server Administrator Dell OMSA is a software agent from Dell Dell USA. It provides a comprehensive one-to-one system management solution in two ways. An Access Control Error vulnerability exists in Dell OpenManage Server Administrator version 11.0.0.0 and prior versions, which...

Alkacon Software OpenCMS 跨站脚本漏洞

Alkacon Software OpenCMS is Germany's Alkacon Software a set of open source Java and XML-based content management system CMS. The system supports template engine, WYSIWYG editor and so on. A security vulnerability exists in Alkacon Software OpenCMS version v11.0.0.0. An attacker can exploit the...

Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities

Summary This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Analytics 11.0.8.0 GA as well as 11.0.7.0 and 11.0.6.0 Interim Fixes Vulnerability Details CVEID: CVE-2017-1783 DESCRIPTION: IBM Cognos Analytics could allow a local user to change parameters set from th...