14 matches found
CVE-2024-39171
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix...
Vulnerability fixed in HPE OneView Software
HPE has fixed a vulnerability in the HPE OneView Software. The vulnerability is in the way the OneView Software handles remote requests. When HPE OneView Software is accessible over the Internet, unauthenticated remote users can execute code. This could allow attackers to gain control of affected...
CVE-2025-36102
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security...
CVE-2025-59936
get-jwks contains fetch utils for JWKS keys. In versions prior to 11.0.2, a vulnerability in get-jwks can lead to cache poisoning in the JWKS key-fetching mechanism. When the iss issuer claim is validated only after keys are retrieved from the cache, it is possible for cached keys from an...
CVE-2023-42232
Pat Infinite Solutions HelpdeskAdvanced = 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function...
CVE-2023-42232
Pat Infinite Solutions HelpdeskAdvanced is affected (versions
SUSE CVE-2019-2818
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
QND vulnerable to privilege escalation
Overview QND provided by QualitySoft Corporation contains a privilege escalation vulnerability CWE-268. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. RedTeam reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
Odoo Cross-Site Scripting Vulnerability (CNVD-2020-73762)
Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...
Unable to access SDWAN management GUI once after upgrading to 11.0.2 and the Device is rebooted
You will experience the GUI accessibility issue when you upgrade SDWAN appliance to 11.0.2 version and when it gets rebooted either automatically or manually...
Sophos IPSec Client Access Control Error Vulnerability
Sophos IPSec Client is a VPN client application. An access control error vulnerability exists in Sophos IPSec Client version 11.04 NCPSecure Entry Client version 10.11 r32792. The vulnerability arises from the network system or product not properly restricting access to resources from unauthorize...
IBM Robotic Process Automation with Automation Anywhere Information Disclosure Vulnerability (CNVD-2018-22535)
IBM Robotic Process Automation with Automation Anywhere is a process automation solution developed by IBM USA and Automation Anywhere. A security vulnerability exists in IBM Robotic Process Automation with Automation Anywhere version 11.0. An attacker could exploit the vulnerability to obtain...
IBM Robotic Process Automation with Automation Anywhere Remote Code Execution Vulnerability
IBM Robotic Process Automation with Automation Anywhere is a process automation solution developed by IBM USA and Automation Anywhere. A remote code execution vulnerability exists in IBM Robotic Process Automation with Automation Anywhere versions 10.0 and 11.0, which stems from the program not...
CVE-2016-1403
CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005...