Centreon Web : multiple vulnerabilities dated 24/09/2025open in new window An attacker can use several vulnerabilities of Centreon Web, dated 24/09/2025... Visit link for details Puppet Labs Puppet Enterprise : information disclosure via Encryption Key Backupopen in new window An attacker can bypass access restrictions to data of Puppet Labs Puppet Enterprise, via Encryption Key Backup, in order to read sensitive information... Visit link for details Drupal Reverse Proxy Header : spoofing via request IP addressopen in new window An attacker can create spoofed data on Drupal Reverse Proxy Header, via request IP address, in order to deceive the victim... Visit link for details Drupal Currency : Cross Site Request Forgery dated 24/09/2025open in new window An attacker can trigger a Cross Site Request Forgery of Drupal Currency, dated 24/09/2025, in order to force the victim to perform operations... Visit link for details Drupal Umami Analytics : Cross Site Scripting via 2.0.5open in new window An attacker can trigger a Cross Site Scripting of Drupal Umami Analytics, via 2.0.5, in order to run JavaScript code in the context of the web site... Visit link for details Drupal Access code : user access dated 24/09/2025open in new window An attacker can bypass restrictions of Drupal Access code, dated 24/09/2025, in order to gain user privileges... Visit link for details Drupal Plausible tracking : Cross Site Scripting dated 24/09/2025open in new window An attacker can trigger a Cross Site Scripting of Drupal Plausible tracking, dated 24/09/2025, in order to run JavaScript code in the context of the web site... Visit link for details Drupal JSON Field : Cross Site Scripting dated 24/09/2025open in new window An attacker can trigger a Cross Site Scripting of Drupal JSON Field, dated 24/09/2025, in order to run JavaScript code in the context of the web site... Visit link for details Cisco Wireless Access Point : write access via IPv6 Gateway Changeopen in new window An attacker can bypass access restrictions of Cisco Wireless Access Point, via IPv6 Gateway Change, in order to alter data... Visit link for details Cisco Wireless Access Point : write access via Action Frame Injectionopen in new window An attacker can bypass access restrictions of Cisco Wireless Access Point, via Action Frame Injection, in order to alter data... Visit link for details