24 matches found
EUVD-2026-23112
Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role...
CVE-2026-1564 Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role.
Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role...
CVE-2025-62183 Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low.
Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low...
CVE-2025-62183
CVE-2025-62183 affects Pega Platform versions 8.1.0 through 25.1.1 with a Stored Cross-site Scripting vulnerability in a user interface component. Root cause: stored XSS in a UI component. Exploitation requires an administrative user with extensive rights. Reported impact to confidentiality and i...
Linux Distros Unpatched Vulnerability : CVE-2023-22070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0...
OESA-2024-1711 mariadb security update
MariaDB turns data into structured information in a wide array of applications, ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make ...
PT-2024-26130 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: PrestaShop versions 8.1.0 through 8.1.5 Description: A cross-site scripting XSS vulnerability is present in PrestaShop when the customer-thread feature flag is enabled. This allows a hacker to upload a malicious file containing an XSS that wi...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
PT-2024-21289 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: PrestaShop versions 8.1.0 through 8.1.3 Description: The issue concerns path disclosure in a JavaScript variable. A patch is available to resolve this problem. Recommendations: For PrestaShop versions 8.1.0 through 8.1.3, update to version...
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
AZL-31578 CVE-2023-22032 affecting package mysql for versions less than 8.0.35-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
UBUNTU-CVE-2023-22114
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
PT-2023-6366 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior MySQL Server version 8.1.0 Description: The vulnerability in the MySQL Server product of Oracle MySQL is related to insufficient input validation in the Server: Optimizer component. This issue can be...
DELL EMC PowerScale 操作系统命令注入漏洞
Dell EMC PowerScale OneFS is an API-powered file system. An elevation of privilege vulnerability exists in Dell EMC PowerScale OneFS versions 8.1.0 through 9.1.0. The vulnerability stems from the incorrect neutralization of special elements used in OS commands. An attacker with ISIPRIVLOGINSSH or...
Dell Technologies Dell PowerScale OneFS 加密问题漏洞
Dell Technologies Dell PowerScale OneFS is an operating system from Dell Technologies, USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. An encryption issue vulnerability exists in Dell PowerScale OneFS versions 8.1.0 through 9.1.0, which stems from a vulnerability...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2020-5016)
Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...
Input validation
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...