CVE-2025-0878
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft LimonDesk allows Cross-Site Scripting (XSS). This issue affects LimonDesk: from s1.02.14 before v1.02.17...
CVE-2025-2412
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass. This issue affects QR Menu: from s1.05.07 before v1.05.12...
CVE-2024-13065 Business Logic Error in Akinsoft's MyRezzta
Improper Enforcement of Behavioral Workflow, Uncontrolled Resource Consumption vulnerability in Akinsoft MyRezzta allows Input Data Manipulation, CAPEC - 125 - Flooding. This issue affects MyRezzta: from s2.02.02 before v2.05.01...
AZL-66770 CVE-2025-9817 affecting package wireshark 4.4.7-1
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service...
CVE-2025-8663
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials. This issue affects upKeeper Manager: from 5.0.0 before 5.2.12...
CVE-2025-57806
Summary: CVE-2025-57806 affects Local Deep Research. Versions 0.2.0–0.6.7 store confidential information, including API keys, in a local SQLite database without encryption. This plaintext storage occurs in the .db file and is accessible to anyone with access to the container or host filesystem. T...
Sitecore Experience Manager Security Vulnerability
Sitecore Experience Manager (XM) is a management software from Sitecore, Denmark. A security vulnerability exists in Sitecore Experience Manager versions 9.2 to 10.4 and Sitecore Experience Platform versions 9.2 to 10.4, which stems from exposing sensitive information to unauthorized participants...
XWiki Platform Security Vulnerability
XWiki Platform is the XWiki open source suite of wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 4.2-milestone-2 through 16.10.6, which stems from a configuration file that is accessible via jsx and sx endpoints...
Linux Distros Unpatched Vulnerability : CVE-2025-58066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which...
Linux Distros Unpatched Vulnerability : CVE-2021-21258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from...
CVE-2024-12974
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft ProKuaför allows Cross-Site Scripting (XSS). This issue affects ProKuaför: from s1.02.07 before v1.02.08...
CVE-2025-0670
CVE-2025-0670 describes an Authorization Bypass Through a User-Controlled Key in Akinsoft ProKuafor, leading to Resource Leak Exposure. Based on connected sources, affected versions are ProKuafor v1.0x before 1.02.08 (specifically s1.02.07 and earlier). Root cause identified as a user-controlled ...
CVE-2025-2414
CVE-2025-2414 relates to an authentication bypass in Akinsoft OctoCloud caused by an improper restriction of excessive authentication attempts. Affected versions are s1.09.03 through 1.11.00, with the issue present prior to 1.11.01. The vulnerability could allow bypass of authentication without u...
CVE-2025-2414
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. This issue affects OctoCloud: from s1.09.03 before v1.11.01...
CVE-2025-8662
OpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a SAML IdP due to a tampered request. This issue affects OpenAM: from 14.0.0 through 14.0.1...
CVE-2025-58178
CVE-2025-58178 affects SonarQube-related tooling: the SonarQube Scan GitHub Action (versions up to 5.3.0) is vulnerable to command injection because untrusted input arguments are treated as shell expressions. This can lead to execution of arbitrary commands with local privileges. A fix is release...
Akinsoft OctoCloud Security Vulnerability
Akinsoft OctoCloud is an online platform from Akinsoft Turkey with the ability to manage financial transactions, record receipts and inventory, issue invoices, and generate reports. Akinsoft OctoCloud versions prior to s1.09.02 through v1.11.01 contain a security bypass vulnerability that can be...
PT-2025-35567
Name of the Vulnerable Software and Affected Versions: Akinsoft ProKuafor versions s1.02.08 through versions prior to 1.02.08 Description: An improper restriction of excessive authentication attempts exists in Akinsoft ProKuafor, allowing for authentication bypass. Recommendations: Update Akinsof...
CVE-2025-33102 IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...