Security Bulletin: A security vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2024-29371).

Summary A security vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2024-29371. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address this vulnerability. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873

Summary IBM Maximo Application Suite - Manage Component uses ajv-6.12.6 in multiple applications which is vulnerable CVE-2025-69873 Vulnerability Details CVEID:CVE-2025-69873 DESCRIPTION: ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS...

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock is a platform-independent file lock for Python. Prior to...

CVE-2025-14684

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

CVE-2026-32517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kleor Contact Manager contact-manager allows Reflected XSS.This issue affects Contact Manager: from n/a through = 9.1...

CVE-2026-32517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kleor Contact Manager contact-manager allows Reflected XSS.This issue affects Contact Manager: from n/a through = 9.1...

CVE-2026-32517 WordPress Contact Manager plugin <= 9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kleor Contact Manager contact-manager allows Reflected XSS.This issue affects Contact Manager: from n/a through = 9.1...

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.3 which is vulnerable to CVE-2025-66221

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.3-py3-none-any.whl which is vulnerable to CVE-2025-66221. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-66221 DESCRIPTION: Werkzeug is a...

Security Bulletin: IBM Edge Data Collector uses Python package - setuptools which is vulnerable to CVE-2025-47273, CVE-2024-6345.

Summary IBM Edge Data Collector uses Python package - setuptools which is vulnerable to CVE-2025-47273, CVE-2024-6345. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-47273 DESCRIPTION: setuptools is a package that allows users ...

Security Bulletin: IBM Maximo Application Suite - Predict Component uses bcpkix-jdk18on-1.78.1.jar which is vulnerable to CVE-2025-8916

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses bcpkix-jdk18on-1.78.1.jar which is vulnerable to CVE-2025-8916. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of...

IBM OpenPages Cross-Site Scripting Vulnerability

IBM OpenPages is an AI-powered, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM OpenPages version 9.1 and 9.0, which stems from the application's lack of effective filtering and escaping of...

EUVD-2019-8794

Malware in sbrugna...

EUVD-2008-3844

Malware in sbrugna...

EUVD-2018-9691

Malware in sbrugna...

EUVD-2020-2595

Malware in sbrugna...

EUVD-2017-16867

Malware in sbrugna...

EUVD-2004-0529

Malware in sbrugna...

EUVD-2024-29807

Malicious code in bioql PyPI...

CVE-2025-9199 Woo superb slideshow transition gallery with random effect <= 9.1 - Authenticated (Contributor+) SQL Injection

The Woo superb slideshow transition gallery with random effect plugin for WordPress is vulnerable to SQL Injection via the 'woo-superb-slideshow' shortcode in all versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

LiquidThemes MagicAI 安全漏洞

LiquidThemes MagicAI is an AI software from LiquidThemes, UK. A security vulnerability exists in LiquidThemes MagicAI version 9.1, which stems from insufficient cleanup of the prompt parameter input in the dashboard/user/generator/generate-stream endpoint, which could lead to a cross-site scripti...