19 matches found
CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
EUVD-2017-12245
Malware in sbrugna...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.33.0
Summary: IBM Watson Discovery Cartridge contains a vulnerable version of golang.org/x/net-v0.33.0. Vulnerability Details: CVEID: CVE-2025-22870. DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment...
PT-2025-34791 · Ibm · Ibm Cognos Command Center
Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 may allow a local user to execute arbitrary code on the system due to the unsafe use of the BinaryFormatter functio...
CVE-2025-54052
Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin real-estate-listing-realtyna-wpl allows PHP Local File Inclusion. This issue affects Realtyna Organic IDX plugin: from n/a through <= 5.0.0...
Linux Distros Unpatched Vulnerability : CVE-2020-14651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily...
PT-2025-33884 · Unknown · Neurobin Shc
Name of the Vulnerable Software and Affected Versions: neurobin shc versions prior to 4.0.4 Description: A vulnerability exists in neurobin shc up to version 4.0.3. This issue affects the make function within the src/shc.c file of the Filename Handler component. Manipulation of this function can...
Linux Distros Unpatched Vulnerability : CVE-2022-2512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2020-14836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily...
PT-2025-29731 · Yaysmtp · Yaysmtp
Name of the Vulnerable Software and Affected Versions: YaySMTP versions n/a through 1.5 Description: YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. Recommendations: Versions prior to 1.6 are affected...
CVE-2025-1763
An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2024-3303
Removed by vendor...
CVE-2024-53648
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V9.90, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V9.90, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V9.90, SIPROTEC 5 6MD89 CP300 All versions V9.90, SIPROTEC 5...
CVE-2022-26388 Use of Hard-Coded Password Vulnerability in ELI Electrocardiograph Devices
A use of hard-coded password vulnerability may allow authentication abuse. This issue affects ELI 380 Resting Electrocardiograph: Versions 2.6.0 and prior; ELI 280/BUR280/MLBUR 280 Resting Electrocardiograph: Versions 2.3.1 and prior; ELI 250c/BUR 250c Resting Electrocardiograph: Versions 2.1.2 an...
CVE-2025-24698
Cross-Site Request Forgery (CSRF) vulnerability in g5theme Essential Real Estate essential-real-estate allows Cross Site Request Forgery. This issue affects Essential Real Estate: from n/a through <= 5.1.8...
PT-2022-8886 · Unknown · Monorepo-Build
Name of the Vulnerable Software and Affected Versions: monorepo-build affected versions not specified Description: A command injection issue affects the package. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents whe...
CVE-2020-14177
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from versi...
CVE-2017-14849
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules...
CVE-2016-6625
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to...