12 matches found
CVE-2026-41838 Spring Framework Predictable Session ID in WebSocket Module
IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 throug...
EUVD-2018-17232
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-23790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue...
SUSE CVE-2025-24390
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...
CVE-2024-23790
Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1...
PT-2022-20747 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 7.0.x and earlier Description: The issue allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service, due to insufficient limitation of the in-memor...
PT-2020-9940 · Otrs +2 · Otrs +2
Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.12 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.38 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.23 Description: An issu...
PT-2019-12716 · Otrs +2 · Otrs +3
Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.7 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...
PT-2019-12826 · Otrs +2 · Otrs +2
Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.8 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...
CVE-2018-5466
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information...
Code injection
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code...
PHP 7.x < 7.0.18, 7.1.x < 7.1.4 SSRF Security Bypass Vulnerability - Linux
PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...