Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Privilege escalation vulnerability in the NMS module Impact: Successful exploitation of this vulnerability will affect availability.

Privilege escalation vulnerability in the account synchronisation module. Impact: Successful exploitation of this vulnerability will affect availability.

Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this vulnerability will affect availability.

Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.6.8.2 via the 'render_content_block_template' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include …

In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources unti…

In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text.

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts.