22 matches found
EUVD-2018-2636
Malware in sbrugna...
CVE-2025-53692
The CVE-2025-53692 entry describes an XSS vulnerability in Sitecore Experience Manager (XM) and Experience Platform (XP). Affected versions are XM 9.2–10.4 and XP 9.2–10.4. The underlying issue is Improper Neutralization of Input During Web Page Generation in the web page generation path, enablin...
CVE-2025-53694
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager XM, Sitecore Experience Platform XP. This issue affects Sitecore Experience Manager XM: from 9.2 through 10.4; Experience Platform XP: from 9.2 through 10.4...
CVE-2021-37194
A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS allows to upload and store...
SonarSource SonarQube Security Vulnerability
SonarSource SonarQube is an open source code quality management system from SonarSource, Switzerland. A security vulnerability exists in SonarSource SonarQube version 10.4 up to and including 10.6. An attacker can exploit the vulnerability to inject blind SQL commands...
PT-2024-32887 · Sonarsource · Sonarqube
Name of the Vulnerable Software and Affected Versions: SonarSource SonarQube versions 10.4 through 10.5 before 10.6 Description: A vulnerability was discovered in the "authorizations/group-memberships" API endpoint that allows SonarQube users with the administrator role to inject blind SQL...
Axigen Cross-Site Scripting Vulnerability
Axigen is a mail server with groupware and collaboration features from Axigen, Inc. A cross-site scripting vulnerability exists in Axigen that stems from mishandling the viewing of SSL certificate usage. The following versions are affected: Versions 10.3.x through 10.3.3.61, 10.4.x through 10.4.2...
mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
SUSE CVE-2022-32086
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field...
mariadb: server crash in Item_field::fix_outer_field for INSERT SELECT
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field...
mariadb: server crash in Item_field::fix_outer_field for INSERT SELECT
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field...
DEBIAN-CVE-2022-32081
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
Veritas APTARE Access Control Error Vulnerability
Veritas Technologies APTARE is a suite of predictive analytics software for backup, storage, and virtual infrastructures from Veritas Technologies, USA. The software supports features such as storage management and data center optimization. An access control error vulnerability exists in Veritas...
GitLab Directory Traversal Vulnerability (CNVD-2020-19610)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in an endpoint in GitLab...
Directory traversal
GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read...
PT-2020-11911 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 10.4 through 12.8.1 Description: The issue allows Directory Traversal, which leads to arbitrary file read. A particular endpoint was vulnerable to a directory traversal vulnerability. Recommendations: For GitLab versions 10.4...
CVE-2019-4177
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158882...
Flexense DiskPulse Enterprise Cross-Site Scripting Vulnerability
Flexense DiskPulse Enterprise is a real-time disk change monitoring solution from Flexense Canada. The solution supports monitoring multiple disks or directories and exporting disk change monitoring statistics to a centralized SQL database. A cross-site scripting vulnerability exists in Flexense...
Flexense DiskSavvy Enterprise Cross-Site Scripting Vulnerability
Flexense DiskSavvy Enterprise is a disk space usage analyzer from Flexense Canada. The product is capable of analyzing disks, network shares, NAS devices and enterprise storage systems. A cross-site scripting vulnerability exists in Flexense DiskSavvy Enterprise versions 10.4 through 10.7. A remo...