38 matches found
CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
EUVD-2019-11267
Malware in sbrugna...
EUVD-2017-12245
Malware in sbrugna...
EUVD-2022-39044
Malicious code in bioql PyPI...
EUVD-2022-41336
Malicious code in bioql PyPI...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.33.0
Summary IBM Watson Discovery Cartridge contains a vulnerable version of golang.org/x/net-v0.33.0 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment...
PT-2025-34791 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 may allow a local user to execute arbitrary code on the system due to the unsafe use of the BinaryFormatter functio...
CVE-2025-54052
Cross-Site Request Forgery CSRF vulnerability in Realtyna Realtyna Organic IDX plugin real-estate-listing-realtyna-wpl allows PHP Local File Inclusion.This issue affects Realtyna Organic IDX plugin: from n/a through = 5.0.0...
Linux Distros Unpatched Vulnerability : CVE-2020-14651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily...
PT-2025-33884 · Unknown · Neurobin Shc
Name of the Vulnerable Software and Affected Versions: neurobin shc versions prior to 4.0.4 Description: A vulnerability exists in neurobin shc up to version 4.0.3. This issue affects the make function within the src/shc.c file of the Filename Handler component. Manipulation of this function can...
Linux Distros Unpatched Vulnerability : CVE-2022-2512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all version...
CVE-2025-54673
Cross-Site Request Forgery CSRF vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through = 3.5.3...
Linux Distros Unpatched Vulnerability : CVE-2020-14836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily...
CVE-2025-8743
CVE-2025-8743 affects Scada-LTS up to 2.7.8.1. The vulnerability resides in the Virtual Data Source Property Handler, specifically the /data_source_edit.shtm endpoint, where manipulation of the Name parameter enables cross-site scripting. The issue can be exploited remotely and the exploit has be...
PT-2025-29731 · Yaysmtp · Yaysmtp
Name of the Vulnerable Software and Affected Versions: YaySMTP versions n/a through 1.5 Description: YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. Recommendations: Versions prior to 1.6 are affected...
CVE-2025-1763
An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2023-39222
OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows:...
CVE-2022-29875
A vulnerability has been identified in Biograph Horizon PET/CT Systems All VJ30 versions VJ30C-UD01, MAGNETOM Family NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A, MAMMOMAT Revelation All VC20 versions VC20D, NAEOTOM Alpha All VA40 versions VA40 SP2, SOMATOM X.cite All versions VA30 SP5 or...
CVE-2025-47684
Cross-Site Request Forgery CSRF vulnerability in Smaily Smaily for WP smaily-for-wp allows Cross Site Request Forgery.This issue affects Smaily for WP: from n/a through = 3.1.7...
CVE-2024-3303
Removed by vendor...