For individuals

An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including...

An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component.

SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version before 5.4.3 allows a remote attacker to obtain sensitive...

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary...

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible

In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible

In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible

gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.