Common Vulnerabilities and Exposures

Overview : IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain

Overview : In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value.

Overview : Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with

Overview : The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version

Overview : VMware vSphere ESXi (6.7 prior to ESXi670-201904101-SG, 6.5 prior to ESXi650-201907101-SG, 6.0 prior to ESXi600-201909001) and VMware vCenter

Overview : In WebAccess versions 8.4.1 and prior, multiple stack based buffer overflow vulnerabilities are detected by a lack of

Overview : A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm’online CRM-System SDK 7.13 permits attackers to execute

Overview : Schneider Electric detected multiple vulnerabilities in its U.motion din rail and touch panels servers. Affected Product(s) : U.motion

Version : Mautic 2.13.1 Severity : Severe Explanation : Stored Cross Site Scripting vulnerability is found by manipulating argument authorUrl with

Version : pecl-http extension up to 2.6.0beta2/3.1.0beta2 Severity : Medium Explanation : The function merge_param() of the file php_http_params.c. Forged http requests

Version : Sahi Pro (Upto Version : 8.0) Severity : Critical Explanation : The function TestRunner_Non_distributed of   create/modify/delete. The manipulation

Critical authentication bypass vulnerability found in Alfresco Community Edition (CVE-2019-14222) An issue was discovered in Alfresco Community Edition versions 6.0