20 matches found

IBM Security Bulletins
added 2026/03/30 7:10 a.m. | 5 views

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock is a platform-independent file lock for Python. Prior to...

CVSS 5.3 | AI score 5.8 | EPSS 0.00006
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2026/03/26 11:3 p.m. | 0 views

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

CVSS 4 | AI score 5.8 | EPSS 0.00006
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/01/30 5:39 a.m. | 11 views

Security Bulletin: IBM Edge Data Collector uses Python package - setuptools which is vulnerable to CVE-2025-47273, CVE-2024-6345.

Summary IBM Edge Data Collector uses Python package - setuptools which is vulnerable to CVE-2025-47273, CVE-2024-6345. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-47273 DESCRIPTION: setuptools is a package that allows users ...

CVSS 8.8 | AI score 6.6 | EPSS 0.07521
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2025/12/17 4:9 p.m. | 9 views

Security Bulletin: IBM Edge Data Collector uses next-15.5.5.tgz which is vulnerable to CVE-2025-55182.

Summary IBM Edge Data Collector uses next-15.5.5.tgz which is vulnerable to CVE-2025-55182. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-55182 DESCRIPTION: A pre-authentication remote code execution vulnerability exists in React Server...

CVSS 10 | AI score 7.9 | EPSS 0.84541
Exploits: 359 | Affected Software: 1

IBM Security Bulletins
added 2025/12/01 5:44 p.m. | 11 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses csvtojson-2.0.10.tgz which is vulnerable to CVE-2025-57350.

Summary IBM Maximo Application Suite - Monitor Component uses csvtojson-2.0.10.tgz which is vulnerable to CVE-2025-57350. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-57350 DESCRIPTION: The csvtojson package, a tool for...

CVSS 8.6 | AI score 6.5 | EPSS 0.00218
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2025/05/23 8:39 a.m. | 1 views

CVE-2024-32797

Missing Authorization vulnerability in Martin Gibson WP LinkedIn Auto Publish. This issue affects WP LinkedIn Auto Publish: from n/a through 8.11...

CVSS 5.4 | AI score 6.9 | EPSS 0.00081
Exploits: 0 | References: 1

IBM Security Bulletins
added 2024/08/12 10:6 a.m. | 11 views

Security Bulletin: IBM Maximo Application Suite uses ansible-operator 7.11.6 which is vulnerable to CVE-2024-0690.

Summary IBM Maximo Application Suite uses ansible-operator 7.11.6 which is vulnerable to CVE-2024-0690. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-0690 DESCRIPTION: Red Hat Ansible could allow a local authenticated attacker...

CVSS 5.5 | AI score 5.1 | EPSS 0.0006
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2024/08/12 8:29 a.m. | 22 views

Security Bulletin: IBM Maximo Application Suite uses Flask_Cors-4.0.0-py2.py3-none-any.whl which is vulnerable to CVE-2024-1681

Summary IBM Maximo Application Suite uses Flask_Cors-4.0.0-py2.py3-none-any.whl which is vulnerable to CVE-2024-1681. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-1681 DESCRIPTION: Flask-CORS could allow a remote attacker to...

CVSS 5.3 | AI score 5.8 | EPSS 0.00179
Exploits: 1 | Affected Software: 1

Patchstack
added 2024/04/22 12:0 a.m. | 5 views

WordPress WP LinkedIn Auto Publish Plugin <= 8.11 is vulnerable to Broken Access Control

Software: WP LinkedIn Auto Publish; Type: Plugin; Vulnerable versions: <= 8.11; Fixed in: 8.12; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-32797; Patch priority: Low; CVSS severity: Low 5.4; Developer: Claim ownership; PSID: 03094155e86a; Credits: Abdi Pranata; Required...

CVSS 5.4 | AI score 6.6 | EPSS 0.00081
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2024/04/06 12:15 p.m. | 0 views

CVE-2024-22328

IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 279950...

CVSS 7.5 | AI score 5.9
Exploits: 0 | References: 2

OpenVAS
added 2022/03/28 12:0 a.m. | 19 views

GitLab 8.9.x - 8.10.12, 8.11.x - 8.11.9, 8.12.x - 8.12.7, 8.13.x - 8.13.2 Directory Traversal Vulnerability

GitLab is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

CVSS 6.5 | AI score 6.5 | EPSS 0.13489
Exploits: 39 | References: 2

Prion
added 2021/12/13 4:15 p.m. | 16 views

Race condition

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under specific condition an unauthorised project member was allowed to delete a protected branches du...

CVSS 3.5 | AI score 4.4 | EPSS 0.00253
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2021/12/13 3:47 p.m. | 62 views

CVE-2021-39931

GitLab CE/EE CVE-2021-39931 affects all versions from 8.11 up to 14.3.6, and 14.4 up to 14.4.4, and 14.5 up to 14.5.2. The flaw is a business-logic error that allowed an unauthorized project member to delete a protected branch. Impact described in the sources involves unauthorized deletion by low...

CVSS 4.3 | AI score 4.3 | EPSS 0.00253
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2020/07/15 1:15 p.m. | 1 views

CVE-2020-5765

Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session. Tenable has implemented additiona...

CVSS 5.4 | AI score 6.4
Exploits: 0 | References: 1

OSV
added 2020/04/08 7:15 p.m. | 17 views

CVE-2020-10978

GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API...

CVSS 5.3 | AI score 6.3
Exploits: 0 | References: 2

CNVD
added 2019/07/17 12:0 a.m. | 2 views

Oracle Hospitality Applications Hospitality Suite8 Component Information Disclosure Vulnerability

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle. The product provides human resources cost management, provide customers throughout the journey to track the management of services to improve customer...

CVSS 6.5 | AI score 6.9 | EPSS 0.00319
Exploits: 0 | References: 1

0day.today
added 2009/02/16 12:0 a.m. | 18 views

YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications. YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability. remote file...

AI score 7.1
Exploits: 0

exploitpack
added 2009/02/16 12:0 a.m. | 10 views

YACS CMS 8.11 - update_trailer.php Remote File Inclusion

YACS CMS 8.11 - update_trailer.php Remote File Inclusion. remote file include; script: YACS version 8.11; download from:...

Exploits: 0

seebug.org
added 2009/02/16 12:0 a.m. | 12 views

YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability

No description provided by source. remote file include; script: YACS version 8.11; download from: http://www.yetanothercommunitysystem.com/file-fetch/814-20081130-yacs-8.11rc30.zip...

AI score 7.1
Exploits: 0

Tenable Nessus
added 2005/03/22 12:0 a.m. | 38 views

DeleGate < 8.11 Multiple Unspecified Overflows

The remote host is running DeleGate, a multi-application proxy. According to its banner, the installed version of DeleGate contains multiple unspecified 'overflows on arrays', which could lead to arbitrary code execution subject to the privileges under which the application operates. (C) Tenable...

CVSS 7.5 | AI score 6.1 | EPSS 0.00896
Exploits: 0 | References: 3