43 matches found

Tenable Nessus
added 2026/03/06 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-1605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding:...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00033
Exploits: 0 | References: 3
CNNVD
added 2025/11/28 12:0 a.m. | 1 view

HCL Unica security vulnerability

HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to cross-site scripting attacks...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00032
Exploits: 0 | References: 2
CNNVD
added 2025/11/28 12:0 a.m. | 2 views

HCL Unica security vulnerability

HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to file upload attacks...

CVSS: 6.3 | AI score: 6.8 | EPSS: 0.00043
Exploits: 0 | References: 2
CNNVD
added 2025/11/28 12:0 a.m. | 2 views

HCL Unica security vulnerability

HCL Unica is an enterprise-level marketing automation and campaign management platform from HCL India. A security vulnerability exists in HCL Unica version 12.0.0 that stems from vulnerability to cross-site request forgery attacks...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00015
Exploits: 0 | References: 2
RedhatCVE
added 2025/10/17 2:52 p.m. | 1 view

CVE-2025-46752

An insertion of sensitive information into a log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows an attacker to cause information disclosure via re-using the enrollment code...

CVSS: 4.4 | AI score: 6.3 | EPSS: 0.00021
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2018-0238

Malware in sbrugna...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.003
Exploits: 0 | References: 5
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-0807

Malicious code in bioql PyPI...

CVSS: 4.8 | AI score: 5 | EPSS: 0.00271
Exploits: 0 | References: 7
OSV
added 2025/09/29 5:13 a.m. | 1 view

MAL-2025-47824 Malicious code in phoenix-privacy (npm)

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.8
Exploits: 0 | References: 1
RedhatCVE
added 2025/07/28 4:32 a.m. | 3 views

CVE-2025-54413

A flaw was found in skops. An inconsistency in MethodNode allows access to unexpected object fields through dot notation when a specially crafted model file is loaded. This issue allows arbitrary code execution at load time...

CVSS: 8.7 | AI score: 6.9 | EPSS: 0.00051
Exploits: 0 | References: 2
OSV
added 2025/07/26 3:29 a.m. | 2 views

CVE-2025-54413 skops' MethodNode can access unexpected object fields through dot notation, leading to arbitrary code execution at load time

skops is a Python library which helps users share and ship their scikit-learn based models. Versions 0.11.0 and below contain an inconsistency in MethodNode, which can be exploited to access unexpected object fields through dot notation. This can be used to achieve arbitrary code execution at loa...

CVSS: 8.7 | AI score: 7.6 | EPSS: 0.00051
Exploits: 0 | References: 7
OSV
added 2025/07/22 12:30 p.m. | 4 views

GHSA-X769-3CWV-F8HC Powermail extension for TYPO3 allows Insecure Direct Object Reference

The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...

CVSS: 6 | AI score: 6.2 | EPSS: 0.0027
Exploits: 0 | References: 4
Tenable Nessus
added 2025/05/20 12:0 a.m. | 4 views

TYPO3 10.4.0 < 10.4.50 ELTS / 11.0.0 < 11.5.44 ELTS / 12.0.0 < 12.4.31 / 13.0.0 < 13.4.12 (TYPO3-CORE-SA-2025-016)

The version of TYPO3 installed on the remote host is 10.4.0 prior to 10.4.50 ELTS / 11.0.0 prior to 11.5.44 ELTS / 12.0.0 prior to 12.4.31 / 13.0.0 prior to 13.4.12. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-016 advisory. - Administrator-level backend...

CVSS: 7.2 | AI score: 5.5 | EPSS: 0.00316
Exploits: 0 | References: 2
CNNVD
added 2024/12/18 12:0 a.m. | 1 view

IBM Cognos Analytics security vulnerability

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines (IBM). The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decision-making by analyzing such things as key factors versus key people. A security...

CVSS: 6.1 | AI score: 9.2 | EPSS: 0.00082
Exploits: 0 | References: 1
OpenVAS
added 2024/10/22 12:0 a.m. | 14 views

Eclipse Jetty DoS Vulnerability (GHSA-r7m4-f9h5-gr79) - Windows

Eclipse Jetty is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:eclipse:jetty";...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00563
Exploits: 0 | References: 2
Positive Technologies
added 2024/09/22 12:0 a.m. | 3 views

PT-2024-28991 · Ibm · Ibm Cognos Analytics +1

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.2.0 through 11.2.4; IBM Cognos Analytics versions 12.0.0 through 12.0.3; IBM Cognos Analytics Reports for iOS version 11.0.0.7. Description: A local attacker could obtain sensitive information in the form of an A...

CVSS: 5.5 | AI score: 6 | EPSS: 0.00031
Exploits: 0 | References: 8
Positive Technologies
added 2024/06/28 12:0 a.m. | 1 view

PT-2024-20721 · Ibm · Ibm Cognos Analytics +1

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.2.0 through 11.2.4; IBM Cognos Analytics versions 12.0.0 through 12.0.2. Description: The issue is related to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This...

CVSS: 5.9 | AI score: 7.5 | EPSS: 0.0008
Exploits: 0 | References: 4
CNNVD
added 2024/05/14 12:0 a.m. | 1 view

TYPO3 security vulnerability

TYPO3 is a free and open source content management system framework (CMS/CMF) from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 CMS that originates from uncontrolled resource consumption in ShowImageController. The affected versions are as follows: 9.0.0 to 9.5.47; 10.0.0 t...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.0005
Exploits: 0 | References: 7
SUSE CVE
added 2023/09/19 1:56 a.m. | 3 views

SUSE CVE-2023-36479

Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to an org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, th...

CVSS: 3.5 | AI score: 8 | EPSS: 0.01383
Exploits: 1 | References: 4
UbuntuCve
added 2023/09/15 7:15 p.m. | 39 views

CVE-2023-36479

Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to an org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, th...

CVSS: 3.5 | AI score: 6.8 | EPSS: 0.01383
Exploits: 1 | References: 5
Positive Technologies
added 2023/09/14 12:0 a.m. | 5 views

PT-2023-9272 · Eclipse +4 · Eclipse Jetty +4

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions prior to 9.4.52; Eclipse Jetty versions prior to 10.0.16; Eclipse Jetty versions prior to 11.0.16; Eclipse Jetty versions prior to 12.0.0-beta2. Description: The issue is related to the formation of a command line that...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.944
Exploits: 32 | References: 116