NA - CVE-2025-27915 - An issue was discovered in Zimbra Collaboration...
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic Web Client due to insufficient sanitization of...
NA - CVE-2025-29891 - Bypass/Injection vulnerability in Apache...
Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to...
High - CVE-2025-2240 - A flaw was found in Smallrye, where...
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call...
NA - CVE-2025-0813 - CWE-287: Improper Authentication vulnerability...
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and...
NA - CVE-2025-0883 - Improper Neutralization of Script in an Error...
Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. The vulnerability could reveal sensitive information retained by the browser. This...
NA - CVE-2025-0884 - Unquoted Search Path or Element vulnerability...
Unquoted Search Path or Element vulnerability in OpenText™ Service Manager. The vulnerability could allow a user to gain SYSTEM privileges through Privilege Escalation. This issue affects...
NA - CVE-2025-1683 - Improper link resolution before file access in...
Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete...
NA - CVE-2025-1960 - CWE-1188: Initialization of a Resource with an...
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have...
NA - CVE-2025-1984 - Xerox Desktop Print Experience application...
Xerox Desktop Print Experience application contains a Local Privilege Escalation (LPE) vulnerability, which allows a low-privileged user to gain SYSTEM-level access.
High - CVE-2025-20115 - A vulnerability in confederation implementation...
A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service...