
21 matches found

Tenable Nessus
added 2026/06/11 12:0 a.m. | 8 views

GitLab 12.0 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-3553)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

3.1 CVSS | 5.5 AI score | 0.00236 EPSS
Exploits: 0 | References: 5

RedhatCVE
added 2026/02/27 10:14 a.m. | 7 views

CVE-2026-1695

An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to trick a legitimate user into loading content from another site upon unsuccessful user...

6.1 CVSS | 5.9 AI score | 0.00207 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:52 a.m. | 4 views

CVE-2021-2365

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite component: People Management. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Human Resources...

8.1 CVSS | 6.5 AI score | 0.00931 EPSS
Exploits: 0 | References: 1

Saint
added 2025/12/11 12:0 a.m. | 113 views

React Server Components deserialization vulnerability

Added: 12/11/2025. Background: React is a JavaScript library for building user interfaces. React Server Components are React components designed for running on web servers. Problem: A deserialization vulnerability in React Server Components allows a remote attacker to execute arbitrary commands by...

7.8 AI score
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2021-6570

Malicious code in bioql PyPI...

4.4 CVSS | 5.1 AI score | 0.00293 EPSS
Exploits: 0 | References: 1

GithubExploit
added 2025/10/01 1:1 p.m. | 88 views

Exploit for CVE-2025-9242

watchTowr-vs-WatchGuard-CVE-2025-9242 Detection Artifact Gene...

9.3 CVSS | 7.2 AI score | 0.8637 EPSS
Exploits: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-39941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the defau...

5.3 CVSS | 5.7 AI score | 0.01182 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-39942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability in GitLab CE/EE affecting all versions starting from 12.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all...

6.5 CVSS | 6.4 AI score | 0.01449 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2024/11/13 12:0 a.m. | 3 views

PT-2024-30292 · Google · Android

Name of the Vulnerable Software and Affected Versions: Google Android versions 12 through 15 Description: In the filterMask function of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution...

9.8 CVSS | 7.9 AI score | 0.00493 EPSS
Exploits: 0 | References: 8

vulnersOsv
added 2024/07/01 3:32 p.m. | 6 views

5p-buyform (>=0.0.1 <=0.0.4), 5paisa-tradingview-webhook (>=0.0.1 <=0.0.2) +233 more potentially affected by CVE-2024-38996 via ag-grid-enterprise (>=12.0.2 <=31.3.2)

ag-grid-enterprise NPM version =12.0.2, =0.0.1, =0.0.1, =1.0.21, =0.0.70, =0.1.43, =0.0.1, =0.1.46, =0.0.1, =0.0.1-rc.0, =4.0.0-alpha, =2.0.0, =1.1.0, =1.0.1, =0.0.0, =0.0.1-991 and more Source cves: CVE-2024-38996 Source advisory: OSV:GHSA-876P-C77M-X2HC...

9.8 CVSS | 5.4 AI score | 0.01158 EPSS
Exploits: 1

OSV
added 2022/12/13 4:15 p.m. | 2 views

CVE-2022-20484

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

7.8 CVSS | 5.9 AI score | 0.00166 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2022/09/13 12:0 a.m. | 41 views

Apple Mac OS X Security Update (HT213444)

Apple Mac OS X is prone to multiple vulnerabilities.

7.8 CVSS | 7 AI score | 0.05557 EPSS
Exploits: 0 | References: 3

CNVD
added 2022/07/15 12:0 a.m. | 23 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-63884)

Google Android is a Linux-based operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android versions 12 and 12L. The vulnerability stems from a logic error in the PermissionController component code, and there is a possible way to gain and retain privileges...

7.8 CVSS | 3.9 AI score | 0.00113 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2022/05/19 12:0 a.m. | 43 views

Apple Mac OS X Security Update (HT213257)

Apple Mac OS X is prone to multiple vulnerabilities.

9.8 CVSS | 7.1 AI score | 0.97108 EPSS
Exploits: 11 | References: 1

CNVD
added 2020/10/19 12:0 a.m. | 3 views

XWiki code injection vulnerability (CNVD-2020-58036)

XWiki Platform is a wiki platform from the French company XWiki for creating Web collaboration applications. A security vulnerability exists in XWiki version 12.5 and versions prior to 11.10.6, which stems from the fact that any user with scripting privileges editing prior to XWiki 7.4 can acce...

9 CVSS | 7.3 AI score | 0.03218 EPSS
Exploits: 1 | References: 1

OSV
added 2020/02/07 3:15 p.m. | 1 views

UBUNTU-CVE-2019-15606

Including trailing white space in HTTP header values in Node.js 10, 12, and 13 causes bypass of authorization based on header value comparisons...

9.8 CVSS | 7.1 AI score | 0.20041 EPSS
Exploits: 1 | References: 5

RedHat Linux
added 2019/05/13 9:8 p.m. | 3 views

OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

7.5 CVSS | 7.3 AI score | 0.05609 EPSS
Exploits: 0 | References: 4

Prion
added 2018/06/05 2:29 p.m. | 14 views

SQL injection

ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. An unauthenticated attacker is able to access the URL /servlet/MenuHandlerServlet, which is vulnerable to SQL injection. The attacker could extract users' password hashes, whi...

7.5 CVSS | 9.2 AI score | 0.04772 EPSS
Exploits: 3 | References: 5 | Affected Software: 1

Cvelist
added 2018/06/05 2:0 p.m. | 20 views

CVE-2016-9490 ManageEngine Applications Manager versions 12 and 13 suffer from a Reflected Cross-Site Scripting vulnerability

ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=1233. The URL is also...

6.2 AI score | 0.01732 EPSS
Exploits: 0 | References: 4

OSV
added 2018/03/22 6:29 p.m. | 2 views

CVE-2018-5504

In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or...

8.1 CVSS | 6.4 AI score | 0.04534 EPSS
Exploits: 0 | References: 2