CVE-2026-44916

In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instanceinfo'kstemplate' is rendered without sandboxing...

EUVD-2026-17538

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

CVE-2026-30278

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

PT-2026-29299

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

EUVD-2025-199714

Apache Druid’s Kerberos authenticator uses a weak fallback secret...

GHSA-W88F-4875-99C8 Apache Druid’s Kerberos authenticator uses a weak fallback secret

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...

CVE-2025-63289

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

CVE-2025-63289

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

Rockwell Automation 5015-AENFTXT 安全漏洞

Rockwell Automation 5015-AENFTXT is a hardware device from Rockwell Automation USA. A security vulnerability exists in Rockwell Automation 5015-AENFTXT version v35 that stems from the presence of an improper input validation vulnerability...

PT-2024-2690 · Parasolid · Parasolid

Name of the Vulnerable Software and Affected Versions: Parasolid V35.0 versions prior to V35.0.251 Parasolid V35.1 versions prior to V35.1.170 Description: The issue is related to a null pointer dereference vulnerability in Parasolid while parsing specially crafted XT files. This could allow an...

CVE-2023-43260

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting XSS vulnerability via the admin panel...

SUSE CVE-2014-1749

Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916.114 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

UBUNTU-CVE-2022-31175

CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are...