15 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-23476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from...
CVE-2024-13215 Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.10 via the 'render' function in modules/modal-popup/widgets/modal-popup.php. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2024-13215
The CVE-2024-13215 entry concerns the Elementor Addon Elements for WordPress. It describes a Sensitive Information Exposure in the render function of modules/modal-popup/widgets/modal-popup.php, enabling authenticated attackers with Contributor-level access or higher to extract private, pending, ...
WordPress plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability...
CVE-2023-5954
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10...
PT-2023-7090 · Hashicorp +1 · Hashicorp Vault +2
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault versions prior to 1.13.10; HashiCorp Vault versions prior to 1.14.6; HashiCorp Vault versions prior to 1.15.2; Vault Enterprise versions prior to 1.13.10; Vault Enterprise versions prior to 1.14.6; Vault Enterprise versions prior t...
HashiCorp Vault Security Breach
HashiCorp Vault is a private key access management tool from the US-based HashiCorp. A security vulnerability exists in HashiCorp Vault, Vault Enterprise versions 1.15.2, 1.14.6, and 1.13.10, which stems from a client-side inbound request that triggers a policy check that may result in unlimited...
SUSE CVE-2022-23476
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Reader#attribute_hash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
DEBIAN-CVE-2022-23476
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Reader#attribute_hash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
UBUNTU-CVE-2022-23476
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Reader#attribute_hash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
CVE-2022-23476
Nokogiri is an open source XML and HTML library for the Ruby programming language. Nokogiri 1.13.8 and 1.13.9 fail to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Reader#attribute_hash. This can lead to a null pointer exception when invalid markup is being parsed. Fo...
am.ik.home:uaa-client (>=1.3.0 <=1.8.1), am.ik.home:uaa-integration-test (>=1.3.0 <=1.8.1) +229 more potentially affected by CVE-2018-1273 via org.springframework.data:spring-data-commons (>=1.13.0.RELEASE <=1.13.10.RELEASE)
org.springframework.data:spring-data-commons MAVEN version =1.13.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =0.0.1, =0.2.0, =1.0.6, =6.2.0.6, =6.2.0.5, =6.2.0.4, =6.2.0.4, =6.2.0.5, =1.2.0, =1.2.0, =1.6.6 and more Source cves: CVE-2018-1273 Source advisory: OSV:GHSA-4FQ3-MR56-CG6R...
PT-2018-11354
Name of the Vulnerable Software and Affected Versions: Spring Data Commons versions 1.13 to 1.13.10; Spring Data Commons versions 2.0 to 2.0.5; Spring Data Commons older unsupported versions. Description: The issue is caused by unlimited resource allocation due to a property path parser vulnerability...
CVE-2018-1274
Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user or attacker can issue requests against Spring Data REST endpoints or endpoint...
Debian: Security Advisory (DSA-3465-1)
The remote host is missing an update for the Debian...