20 matches found
CVE-2025-36074
IBM Security Verify Directory Container 10.0.0 through 10.0.0.3 could be vulnerable to malicious file upload because it does not validate file type. A privileged user could upload malicious files into the system that can be sent to victims for performing further attacks against...
IBM Multiple Products Security Vulnerability
IBM Verify Identity Access Container is a product of the American multinational company International Business Machines (IBM). IBM Verify Identity Access Container is a containerized software that provides identity authentication and authorization capabilities for applications. IBM Security Verify...
Zimbra Collaboration Security Vulnerability
Zimbra Collaboration is an open-source enterprise-level email and collaboration platform developed by Zimbra Corporation. It supports email, calendar, document management, and team collaboration features. Versions 10.0 and 10.1 of Zimbra Collaboration contain security vulnerabilities. These...
📄 Sitecore Experience Manager / Experience Platform 10.1 Shell Upload / Hardcoded Credentials
Proof of concept exploit for a remote code execution vulnerability chain affecting Sitecore Experience Platform versions 10.x combining hardcoded credentials with file upload vulnerabilities for complete system compromise...
📄 Zimbra Collaboration Suite Postjournal 10.0.x Remote Code Execution
A critical vulnerability exists in the Zimbra Collaboration Suite (ZCS) PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...
EUVD-2024-54978
Malicious code in bioql (PyPI)...
SUSE CVE-2024-54682
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to limit the file size for Slack import file uploads which allows a user to cause a DoS via zip bomb by importing data in a team they are a team admin...
PT-2024-33690 · IBM · IBM Security Verify Access Appliance
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8. Description: The issue concerns the presence of hard-coded credentials, such as a password or cryptographic key, used for inbound authentication, outbound communication to...
Zimbra Collaboration Server Security Vulnerability
Zimbra Collaboration Server (ZCS) is an email and collaboration solution from Zimbra. The solution provides email, contacts, calendar, file sharing, social networking, and other features. A security vulnerability exists in Zimbra Collaboration Server versions 9.0 and 10.0 that stems from the presen...
CVE-2023-33833
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013...
IBM Security Access Manager Appliance Cryptographic Issue Vulnerability
IBM Security Access Manager Appliance (ISAM Appliance) is a network appliance-based security solution from IBM, USA. The product is mainly used for access control and Web-based threat protection, providing system performance monitoring, log analysis and diagnosis. A security vulnerability exists in...
Eclipse Jetty Security Vulnerability
Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty, which stems from a pooled ByteBuffer that is not freed by SslConnection, and affects the following products and versions: versions 10.0....
CVE-2022-22464
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...
PT-2021-16825 · Unknown · AVideo/YouPHPTube
Name of the Vulnerable Software and Affected Versions: AVideo/YouPHPTube versions 10.0 and prior. Description: The issue allows an administrator-privileged user to write files on the filesystem using flag and code variables in the file save.php. This is due to insecure file write. Recommendations:...
HPE IceWall SSO Cross-Site Scripting Vulnerability
HPE IceWall SSO is a single sign-on program from Hewlett Packard Enterprise (HPE) that provides authentication capabilities to users. A cross-site scripting vulnerability exists in HPE IceWall SSO Domain Gateway and affects the following products and versions: HPE IceWall SSO Domain Gateway 10.0 on...
CVE-2019-0370
Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1, enables an attacker to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection...
CVE-2018-0529
Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors...
CVE-2017-1256
IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124678...
HPE Network Node Manager Authentication Bypass Vulnerability
HP Network Node Manager i-series (NNMi) software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. An authentication bypass vulnerability exists in HPE Network Node Manager i (NNMi) versions 9.20, 9.23, 9.24, 9.25, 10.00, 10.01 tha...
CVE-2015-5043
diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 allows local users to obtain root access via unspecified key sequences...