11 matches found
CVE-2026-47846
Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRAUSER environment variable, the container initialization script creates the new superuser account but fails to drop the built-in cassand...
CVE-2026-40982
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...
PT-2023-8876 · Unknown +9 · Openpmix Pmix +9
Name of the Vulnerable Software and Affected Versions: OpenPMIx PMIx versions 4.2.6 and earlier, 5.0.x before 5.0.1 Description: The issue is related to a race condition during the execution of library code with UID 0, allowing attackers to obtain ownership of arbitrary files. This can potentiall...
SUSE CVE-2012-0101
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102...
PT-2019-12716 · Otrs +2 · Otrs +3
Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.7 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...
Pivotal Spring Framework Cross Domain Request Vulnerability
Pivotal Spring Framework is the United States Pivotal Software's set of open source Java, Java EE application framework. The framework helps developers build high-quality applications . A security vulnerability exists in Pivotal Spring Framework versions 5.0.x prior to 5.0.7, 4.3.x prior to 4.3.1...
IBM API Connect Cross-Site Scripting Vulnerability (CNVD-2018-08943)
IBM API Connect aka APIConnect is an integrated solution for managing the API lifecycle from IBM USA. The solution supports creating, running, managing and securing APIs, microservices and more. A cross-site scripting vulnerability exists in IBM API Connect versions 5.0.0.0 through 5.0.6.5, 5.0.7...
Fortinet FortiManager Information Disclosure Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...
Fortinet FortiManager SQL Injection Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...
UBUNTU-CVE-2016-0847
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of a call via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26864502...
Code injection
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not 1 properly handle errors during execution of certain SELECT statements with subqueries, and does not 2 preserve certain nullvalue flags during execution of statements that use the GeomFromWKB function, which allows remote...