CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
Missing validation of 'valuesFrom' references in Helm Deployer of SUSE Rancher Fleet allows owners of one tenant to access fleet credentials of other tenants. Affected versions: 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11, and 0.12 before 0.12.15.
Landray OA contains an unauthenticated HQL injection vulnerability that allows attackers to query Hibernate entities by injecting malicious HQL syntax into the uid parameter of the wechatLoginHelper.do endpoint. Lack of input sanitization in the filter expression passed to the Hibernate findList() method enables extraction of sensitive data like administrator password hashes and, with sufficient database privileges, file-write operations leading to remote code execution.
Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading malicious files through the PtFjk.mob servlet endpoint. Attackers can submit a multipart POST request with a JSP webshell disguised using a spoofed image/jpeg Content-Type to bypass the absence of extension and MIME type validation, with the uploaded file stored at a predictable path under the uploadfile directory and executed directly by the web server.
An unauthenticated arbitrary file upload vulnerability in Yonyou KSOA 9.0 allows remote code execution via a crafted POST request to the ImageUpload servlet. Attackers can upload a JSP webshell without any authentication or validation.
Dockwatch through version 0.6.567 contains an unauthenticated OS command injection vulnerability. Missing exit() after authentication redirect in loader.php and unsanitized input passed to shell_exec() in ajax/compose.php allow remote attackers to execute arbitrary shell commands via the composePath POST parameter in the composePull action.
A relative path traversal vulnerability in the "keyhint" option during repomd.xml parsing in libzypp before version 17.38.12. Attackers able to supply a malicious repository can inject or overwrite files on the target system as root.
In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability allows an authenticated attacker with low privileges to send specially crafted requests, potentially leading to unauthorized access to application data and its modification.
In Progress Flowmon versions prior to 12.5.9 and 13.0.11, an authenticated low-privileged user can craft a request during PDF generation, leading to operations performed with another user's privileges. This may result in unauthorized access to sensitive data and unintended system configuration changes.
An Incorrect Authorization vulnerability in UniFi Network Application allows a malicious actor with network access to persist privileges after they have been removed. The issue occurs under certain network conditions.
An authenticated SQL Injection vulnerability in UniFi Protect Application allows an attacker with network access and low privileges to escalate privileges on the host device.
A shellcode injection vulnerability in the Mercurial handler of the obs tar_scm source service before version 0.12.4 allows attackers with a malicious _service file to execute code as the source service or the local user.
A vulnerability in the UniFi Talk Application allows an attacker with network access and low privileges to escalate privileges through improper access control.
A vulnerability in UniFi Network Application allows privilege escalation by an attacker with network access and low privileges under certain conditions. The issue stems from improper access control.
A Path Traversal vulnerability in UniFi Access Application allows a malicious actor with network access to access files on the host device.
A vulnerability in UniFi OS allows unauthorized changes to devices by an attacker with network access under certain network configurations. The flaw is due to improper access control.
An SSRF vulnerability in UniFi Protect Application allows an attacker with network access and low privileges to escalate privileges on the host device.
A vulnerability in UniFi Network Application allows an attacker with network access and low privileges to escalate privileges within the application by exploiting improper access control.
An SSRF vulnerability in UniFi Talk Application allows an attacker with network access to perform a DoS attack and bypass authentication on certain API endpoints.
A vulnerability in UniFi OS with UniFi Protect Application allows privilege escalation on the host device. An attacker with network access and low privileges can exploit improper access control.
A Path Traversal vulnerability in UniFi Protect Floodlight devices allows an attacker with network access to read files on the affected device.

