Lucene search

16 matches found

ATTACKERKB
added 2026/05/18 8:49 p.m., 9 views

CVE-2026-26978

FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected...

CVSS: 8.6, AI score: 5.8, EPSS: 0.00477
Exploits: 0, References: 4, Affected Software: 1

CNNVD
added 2026/05/18 12:0 a.m., 6 views

FreePBX Code Issue Vulnerability

FreePBX is a set of tools from the FreePBX project that allow configuration of Asterisk (an IP telephony system) through a graphical web-based interface (GUI). Versions of FreePBX prior to 16.0.71 and 17.0.6 contained code vulnerabilities. These vulnerabilities stemmed from the backup module failing ...

CVSS: 8.6, AI score: 6.2, EPSS: 0.00477
Exploits: 0, References: 2

NVD
added 2025/10/14 8:15 p.m., 4 views

CVE-2025-61678

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains an authenticated arbitrary file upload vulnerability affecting the fwbrand...

CVSS: 8.6, EPSS: 0.12971
Exploits: 4, References: 1

EUVD
added 2025/10/14 7:30 p.m., 2 views

EUVD-2025-34454

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

CVSS: 8.6, AI score: 7.8, EPSS: 0.05373
Exploits: 6, References: 1

EUVD
added 2025/10/14 7:15 p.m., 2 views

EUVD-2025-34482

The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. In Endpoint Manager 16 before 16.0.92 and 17 before 17.0.6, insufficiently sanitized user-supplied input allows authenticated OS command...

CVSS: 8.6, AI score: 6.5, EPSS: 0.0009
Exploits: 0, References: 1

Cvelist
added 2025/10/14 7:15 p.m., 12 views

CVE-2025-59051 FreePBX Endpoint Manager command injection via Network Scanning feature

The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. In Endpoint Manager 16 before 16.0.92 and 17 before 17.0.6, insufficiently sanitized user-supplied input allows authenticated OS command...

CVSS: 8.6, EPSS: 0.0009
Exploits: 0, References: 1

NCSC
added 2024/08/12 8:24 a.m., 3 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, or to bypass security measures to gain access to projects that the malicious party is not initially authorized to access. GitL...

CVSS: 8.1, AI score: 7.2, EPSS: 0.00933
Exploits: 1, References: 1

Cvelist
added 2024/08/08 10:31 a.m., 18 views

CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

CVSS: 5.3, EPSS: 0.00102
Exploits: 0, References: 2

RedHat Linux
added 2023/04/25 3:24 a.m., 4 views

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

CVSS: 5.9, AI score: 7.2, EPSS: 0.00056
Exploits: 0, References: 4

OpenVAS
added 2013/05/27 12:0 a.m., 67 views

Mozilla Thunderbird Multiple Vulnerabilities -01 (May 2013) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 10, AI score: 7.2, EPSS: 0.21901
Exploits: 5, References: 16

OpenVAS
added 2013/05/27 12:0 a.m., 33 views

Mozilla Thunderbird Multiple Vulnerabilities -01 May13 (Windows)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvuln01may13win.nasl 6125 2017-05-15 09:03:42Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities -01 May13 Windows Authors: Arun Kallavi Copyright:...

CVSS: 10, AI score: 0.7, EPSS: 0.21901
Exploits: 5, References: 3

OpenVAS
added 2013/05/27 12:0 a.m., 28 views

Mozilla Thunderbird Multiple Vulnerabilities -01 May13 (Mac OS X)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvuln01may13macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities -01 May13 Mac OS X Authors: Arun Kallavi...

CVSS: 10, AI score: 0.8, EPSS: 0.21901
Exploits: 5, References: 3

OpenVAS
added 2013/05/27 12:0 a.m., 26 views

Mozilla Firefox ESR Multiple Vulnerabilities -01 May13 (Mac OS X)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvuln01may13macosx.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities -01 May13 Mac OS X Authors: Arun Kallavi Copyrigh...

CVSS: 10, AI score: 0.7, EPSS: 0.21901
Exploits: 5, References: 3

Tenable Nessus
added 2013/05/16 12:0 a.m., 27 views

Firefox ESR 17.x < 17.0.6 Multiple Vulnerabilities

The installed version of Firefox ESR 17.x is earlier than 17.0.6, and is, therefore, potentially affected by the following vulnerabilities:
- Various memory safety issues exist. (CVE-2013-0801)
- It is possible to call a content level constructor that allows for the constructor to have chrome...

CVSS: 10, AI score: 7.8, EPSS: 0.21901
Exploits: 5, References: 17

Tenable Nessus
added 2013/05/15 12:0 a.m., 41 views

RHEL 5 / 6 : thunderbird (RHSA-2013:0821)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS: 10, AI score: 7.9, EPSS: 0.21901
Exploits: 5, References: 21

RedHat Linux
added 2013/05/14 6:14 p.m., 38 views

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS: 10, AI score: 6.7, EPSS: 0.21901
Exploits: 5, References: 6