975 matches found
CVE-2026-51926
An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid...
CVE-2026-51923
The CVE-2026-51923 entry concerns docuForm GmbH Client v.11.11c with an Insecure Direct Object Reference (IDOR) vulnerability in the user settings component. The technical detail provided states that a remote attacker can execute arbitrary code and modify or retrieve sensitive data associated wit...
CVE-2026-13054
A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1...
CVE-2026-10109
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...
EUVD-2026-40393
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns...
EUVD-2026-39492
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...
ROS-20260623-73-0014
Vulnerability in Python 3.11 related to the lack of measures taken to clean data at the management level. Exploitation of this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2026-46914
Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
RHSA-2026:26461 Red Hat Security Advisory: redhat-ds:11 security update
Bulletin has no description...
CVE-2025-69160 WordPress Gita theme <= 1.11 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Gita = 1.11 versions...
CVE-2025-69159 WordPress Printo theme <= 1.11 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Printo = 1.11 versions...
EUVD-2026-36246
A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...
CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...
CVE-2026-8464
CVE-2026-8464 : Golem OEE MES is affected by an unauthenticated path-traversal vulnerability that could allow an attacker in the same local network to read arbitrary files from the server by manipulating HTTP request paths. The issue is fixed in version 11.6.0. Affected product: Golem OEE MES; vu...
CVE-2026-45776
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...
CVE-2025-61308
A reflected cross-site scripted XSS vulnerability in the dfm-menumaintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61306
A reflected cross-site scripted XSS vulnerability in the dfm-menucoveragealerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable valu...
CVE-2026-1343
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication endpoints which are...
GHSA-XVMR-9P7M-JMWV vulnerabilities
Vulnerabilities for packages: openjdk-25-openj9, openjdk, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-21-openj9...
GHSA-Q4WQ-4WHJ-CXHX vulnerabilities
Vulnerabilities for packages: openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-21-openj9...