Dräger Protector Software Security Vulnerability
Dräger Protector Software is a gas detection and safety monitoring management platform developed by the German company Dräger. Versions of Dräger Protector Software prior to version 6.4.2 contained security vulnerabilities. These vulnerabilities were due to insecure file system permissions, which...
Linux Distros Unpatched Vulnerability : CVE-2026-8450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form...
CVE-2026-25908
Dell Alienware Command Center AWCC, versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
EUVD-2026-23370
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
EUVD-2026-14702
Out-of-bounds Read vulnerability in rizonesoft Notepad3 scintilla/oniguruma/src modules. This vulnerability is associated with program files regcomp.C. This issue affects Notepad3: before 6.25.714.1...
CVE-2026-27233 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
karapace Path Traversal Vulnerability
Karapace is an open-source message queue tool developed by Aiven Open. Versions of Karapace prior to 6.0.0 contained a path traversal vulnerability. This vulnerability stemmed from issues with the backup reader, allowing for arbitrary file access...
VulnCheck KEV: CVE-2026-22769
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...
doorman Input Validation Error Vulnerability
Doorman is a configuration manager developed by Marcin Wielgoszewski. Versions of Doorman prior to 0.6 contained a vulnerability related to input validation errors. This vulnerability stemmed from incorrect handling of the parameter “Next” in the file “doorman/users/views.py”, which could lead to...
CVE-2026-24873 Out-of-bounds read in lpp-vita
Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita. This issue affects lpp-vita: before lpp-vita r6...
CVE-2021-2442
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
PT-2026-2142
Name of the Vulnerable Software and Affected Versions: Logging Redactor versions prior to 0.0.6. Description: Logging Redactor is a Python library used to redact sensitive data in logs using regex patterns or dictionary keys. Versions prior to 0.0.6 incorrectly convert non-string data types into...
OpenCTI Security Vulnerability
OpenCTI is an open source cyber threat intelligence platform from OpenCTI Open Source. A security vulnerability exists in OpenCTI versions prior to 6.8.1, which stems from a lack of authorization checking in a GraphQL mutation that could lead to unauthorized resource deletion...
EUVD-2025-175362
Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering...
CVE-2025-62876
An Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root. This issue affects lightdm-kde-greeter before 6.0.4...
Zoom Workplace < 6.5.10 Vulnerability (ZSB-25046)
The version of Zoom Workplace installed on the remote host is prior to 6.5.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25046 advisory. - Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity vi...
Zoom Workplace < 6.5.10 Vulnerability (ZSB-25041)
The version of Zoom Workplace installed on the remote host is prior to 6.5.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25041 advisory. - External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of...
CVE-2025-9339
A SQL injection vulnerability in the fields of the warehouse document filtering form in SIMPLE.ERP software allows a logged-in user to inject a malicious query. Potential exploitation is limited by the 20-character limit in form fields. The identified use case allows deletion of tables with a name of maximum 6...
EUVD-2025-35175
A SQL injection vulnerability in the fields of the warehouse document filtering form in SIMPLE.ERP software allows a logged-in user to send a payload of up to 20 characters. The identified use case allows deletion of tables with a name of maximum 6 characters. We weren't able to identify a way to exfiltrate da...