CVE-2026-8405 IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
In IBM Guardium Data Protection 12.2.1 and 12.2.2, the add-on feature named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode...
CVE-2026-40606 ProxyAuth Addon LDAP Injection in mitmproxy
mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers, and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the built-in LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...
CVE-2026-40606
The CVE affects mitmproxy (and mitmweb as its web interface) where, in versions 12.2.1 and below, the built-in LDAP proxyauth authentication does not sanitize the username correctly when querying the LDAP server. This allows a malicious client to bypass authentication, but only for instances usin...
GHSA-527G-3W9M-29HV mitmproxy has an LDAP Injection
Impact: In mitmproxy 12.2.1 and below, the built-in LDAP proxy authentication does not correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. Only mitmproxy instances using the proxyauth option with LDAP are affected. This option is n...
PT-2026-33226
Name of the Vulnerable Software and Affected Versions: mitmproxy versions prior to 12.2.2. Description: The built-in LDAP proxy authentication fails to correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. This issue only affects...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service
Summary: IBM Event Streams is vulnerable to a denial of service due to inefficient handling of slow SSH key exchanges (CVE-2025-22869). Vulnerability Details: CVEID: CVE-2025-22869. DESCRIPTION: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients...
EUVD-2019-6662
Malware in sbrugna...
PT-2025-3688 · Opentext · Opentext Solutions Business Manager
Name of the Vulnerable Software and Affected Versions: OpenText Solutions Business Manager (SBM) versions prior to 12.2.1. Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS). This could lead to the exposure of...
Rocket Software UniData and UniVerse Buffer Error Vulnerability
Rocket Software UniVerse and Rocket Software UniData are both products of Rocket Software, Inc. Rocket Software UniVerse is a suite of database management and support software now owned by Rocket Software. Software UniData is a MultiValue application platform. Rocket Software UniData is a...
Apple Mac OS X Security Update (HT213092)
Apple Mac OS X is prone to a code execution vulnerability.
CVE-2020-14506
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly...
CVE-2020-16247 Philips Clinical Collaboration Platform Configuration
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource...
CVE-2020-16200 Philips Clinical Collaboration Platform Algorithm Downgrade
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the amount of resources consumed, eventually leading to the exhaustion of available resources...
Philips Clinical Collaboration Platform Improper Access Control Vulnerability
Philips Clinical Collaboration Platform is an HMI data management platform. An improper access control vulnerability exists in Philips Clinical Collaboration Platform version 12.2.1 and earlier. An attacker could exploit the vulnerability to gain unauthorized access to resources...
Philips Clinical Collaboration Platform Input Validation Error Vulnerability
Clinical Collaboration Platform is a clinical healthcare collaboration platform from Philips in the Netherlands. An input validation error vulnerability exists in Clinical Collaboration Platform version 12.2.1 and above. The vulnerability stems from the network system or product not properly...
Philips Clinical Collaboration Platform Cross-Site Request Forgery Vulnerability
Clinical Collaboration Platform is an HMI data management platform. A cross-site request forgery vulnerability exists in Clinical Collaboration Platform version 12.2.1 and earlier. An attacker can exploit this vulnerability to conduct cross-site request forgery attacks...
Philips Clinical Collaboration Platform Algorithm Degradation Vulnerability
Philips Clinical Collaboration Platform is an HMI data management platform. An algorithm degradation vulnerability exists in Philips Clinical Collaboration Platform version 12.2.1 and earlier. The vulnerability stems from the software failing to properly control the allocation and maintenance of...
Philips Clinical Collaboration Platform Protection Mechanism Failure Vulnerability
Philips Clinical Collaboration Platform is an HMI data management platform. A protection mechanism failure vulnerability exists in Philips Clinical Collaboration Platform version 12.2.1 and earlier. The vulnerability stems from when an attacker claims to have a given identity, the software fails ...
XWiki < 11.10.5, 12.x < 12.2.1 RCE Vulnerability
XWiki is prone to a remote code execution (RCE) vulnerability.
Vulnerability fixed in XWiki
The developers of XWiki have fixed a vulnerability. A malicious person with SCRIPT privileges could exploit the vulnerability to gain access to the server's Instance Manager and thereby create arbitrary Java objects. The developers have released updates to fix the vulnerability fix in XWiki 12.2....