CVE-2026-23493

Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...

CVE-2026-23492

Pimcore Admin Search Find API exposes blind SQL injection due to an incomplete patch from CVE-2023-30848. Affected versions: Pimcore before 12.3.1 and before 11.5.14. Attack requires authenticated access to the admin interface and can disclose database information via blind SQL injection, potenti...

Apple Safari/iTunes memory corruption vulnerability (CNVD-2015-07154)

Safari is the browser in Mac OS X, the latest operating system for Apple computers. iTunes is a digital media playback application. A security vulnerability exists in WebKit in Apple Safari versions prior to 9.0.1 and iTunes versions prior to 12.3.1. The vulnerability allows remote attackers to...

UBUNTU-CVE-2015-5931

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 an...