12 matches found
Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0006)
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through...
Progress Flowmon ADS SQL Injection Vulnerability
Progress Flowmon ADS is a network traffic analysis and anomaly detection system from Progress, Inc. A SQL injection vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and prior to 13.0.1, which stems from an SQL injection that could lead to the execution of unexpected SQL queri...
CVE-2024-58321
CVE-2024-58321 is a stored XSS vulnerability in Kentico Xperience introduced via form validation rule configuration. Affected components are Kentico Xperience ASP.NET Core WebApp and ASP.NET MVC5 Libraries (as referenced in Snyk and CVE records). The underlying issue is insufficient encoding of v...
CVE-2023-53152
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. 61811.450562 RIP:...
CVE-2025-48206
The ns_backup extension through 13.0.0 for TYPO3 allows XSS...
PT-2024-30052 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.0 Description: The issue is related to a remote code execution vulnerability. Although the admin_editplayer.php file imposes restrictions on edited files, attackers can bypass these restrictions and write code. This allows...
PT-2021-6590 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.0 and later Description: The issue is related to improper authorization in GitLab, affecting guests in private projects. This allows unauthorized access to view CI/CD analytics. The vulnerability can be exploited...
Odoo Security Vulnerability
Odoo is a set of enterprise resource planning (ERP) and customer relationship management (CRM) system from Odoo Belgium. The system is developed in Python, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security...
GitLab Information Disclosure Vulnerability (CNVD-2020-51536)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...
Cisco Email Security Appliance AsyncOS Software Input Validation Error Vulnerability (CNVD-2020-32910)
Cisco Email Security Appliance (ESA) is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. An input validation error vulnerability exists in the Cisco Email Security Appliance prior to version 13.0. The vulnerability arises from a network...
CVE-2017-6142
X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thus did not properly validate the remote server's identity on certain versions of BIG-IP...
CVE-2017-6138
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...