8 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-22258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for...
com.navercorp.pinpoint:pinpoint-batch (>=3.0.0 <=3.0.5), com.navercorp.pinpoint:pinpoint-collector-starter (>=3.0.0 <=3.0.5) +44 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-common (>=1.0.0 <=1.2.0)
org.apache.pinot:pinot-common MAVEN version =1.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.1, =3.0.1, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =2024.4.0, =2025.1.1 and more Source cves: CVE-2024-56325 Source advisory: SNYK:JAVA-ORGAPACHEPINOT-9637839...
wetech-cms Injection Vulnerability
wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms version 1.0 to 1.2, which is prone to SQL injection attacks...
wetech-cms Security Vulnerability
wetech-cms is a content management system by Cheng Jinbao, an individual developer. A security vulnerability exists in wetech-cms version 1.0 to 1.2, which is caused by a path traversal issue...
PT-2024-17612 · Unknown · Wetech-Cms
Name of the Vulnerable Software and Affected Versions: cjbi wetech-cms versions 1.0 through 1.2 Description: A critical issue affects the searchTopicByKeyword function of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\TopicDao.java. The manipulation of the keyword argument leads ...
PT-2024-17613 · Unknown · Wetech-Cms
Name of the Vulnerable Software and Affected Versions: cjbi wetech-cms versions 1.0 through 1.2 Description: A critical issue has been found, affecting the searchTopic function in the TopicDao.java file. The manipulation of the con argument leads to SQL injection, allowing for remote attacks. The...
SUSE CVE-2014-5177
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine-grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3)...
PT-2021-14239 · Unknown · Everything
Name of the Vulnerable Software and Affected Versions: Everything versions 1.0 through 1.2, except the Lite version Description: The issue allows a remote attacker to inject an arbitrary script or alter the website that uses the product. This is due to an HTTP header injection vulnerability...