Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control.
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.
Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS.
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control.
Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6.
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control.
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
Loftware Spectrum before 5.1 allows SSRF.
In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible
Oxide control plane software before 5 allows SSRF.
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.21.0), Mendix Runtime V10.12 (All versions < V10.12.16), Mendix Runtime V10.18 (All versions < V10.18.5), Mendix Runtime V
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON
Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
N-central versions < 2025.4 are vulnerable to multiple XML External Entities injection leading to information disclosure
Page 1+ Next →