Linux Distros Unpatched Vulnerability : CVE-2026-8450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form...

CVE-2026-25908

Dell Alienware Command Center AWCC, versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

EUVD-2026-23370

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

EUVD-2026-14702

Out-of-bounds Read vulnerability in rizonesoft Notepad3 ‎scintilla/oniguruma/src modules. This vulnerability is associated with program files regcomp.C‎. This issue affects Notepad3: before 6.25.714.1...

CVE-2026-27233 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

karapace 路径遍历漏洞

Karapace is an open-source message queue tool developed by Aiven Open. Versions of Karapace prior to 6.0.0 contained a path traversal vulnerability. This vulnerability stemmed from issues with the backup reader, allowing for arbitrary file access...

VulnCheck KEV: CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

doorman 输入验证错误漏洞

Doorman is a configuration manager developed by Marcin Wielgoszewski. Versions of Doorman prior to 0.6 contained a vulnerability related to input validation errors. This vulnerability stemmed from incorrect handling of the parameter “Next” in the file “doorman/users/views.py”, which could lead to...

CVE-2026-24873 Out-of-bounds read in lpp-vita

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6...

CVE-2021-2442

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

PT-2026-2142

Name of the Vulnerable Software and Affected Versions Logging Redactor versions prior to 0.0.6 Description Logging Redactor is a Python library used to redact sensitive data in logs using regex patterns or dictionary keys. Versions prior to 0.0.6 incorrectly convert non-string data types into...

OpenCTI 安全漏洞

OpenCTI is an open source cyber threat intelligence platform from OpenCTI Open Source. A security vulnerability exists in OpenCTI versions prior to 6.8.1, which stems from a lack of authorization checking in a GraphQL mutation that could lead to unauthorized resource deletion...

EUVD-2025-175362

Dell Alienware Command Center 6.x AWCC, versions prior to 6.10.15.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering...

CVE-2025-62876

A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root.This issue affects lightdm-kde-greeter. before 6.0.4...

Zoom Workplace < 6.5.10 Vulnerability (ZSB-25046)

The version of Zoom Workplace installed on the remote host is prior to 6.5.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25046 advisory. - Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity vi...

Zoom Workplace < 6.5.10 Vulnerability (ZSB-25041)

The version of Zoom Workplace installed on the remote host is prior to 6.5.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25041 advisory. - External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of...

CVE-2025-9339

SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user a malicious query injection. Potential exploitation is limited by the 20-character limit in form fields. Identified use case allows to delete tables with a name of maximum 6...

EUVD-2025-35175

SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user to send a payload of up to 20 characters. Identified use case allows to delete tables with a name of maximum 6 characters. We weren't able to identify a way to exfiltrate da...

CVE-2025-36636 Improper Access Control

In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...