11 matches found
SUSE CVE-2009-0895
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow...
BIT-DRUPAL-2020-13670
Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...
Default credentials
Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials...
CVE-2023-28094
Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials...
UBUNTU-CVE-2020-13670
Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...
Security feature bypass
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...
CVE-2020-13664
Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this directory in place, an attacker could attempt to...
Drupal Core SA-CORE-2019-010 Multiple Security Vulnerabilities
Description Drupal is prone to multiple security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Drupal versions 8.7.x prior to 8.7.11 and versions 8.8.x prior to 8.8.1 are...
Security Bulletin: Vulnerability in the OpenSSL Library Affects IBM Tealeaf Customer Experience (CVE-2017-3735)
Summary: A vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience could permit a remote attacker to obtain sensitive information. Vulnerability Details: CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an...
Zimbra 8.7.x < 8.7.11 Patch4, 8.8.x < 8.8.8 Patch4 XSS Vulnerability
Zimbra is prone to a persistent cross-site scripting (XSS) vulnerability. Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...
Sendmail 8.8.x - 8.8.3 Group Permissions Vulnerability
The remote sendmail server, according to its version number, allows local users to write to a file and gain group permissions via a .forward or :include: file. SPDX-FileCopyrightText: 2001 Xue Yong Zhi. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...