33 matches found
amdonov.ospackage-init:amdonov.ospackage-init.gradle.plugin (>=0.1.0 <=0.5.0), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1646 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15on (>=1.46 <=1.70)
org.bouncycastle:bcpg-jdk15on MAVEN version =1.46, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =2023.06.07.114626-93b9d6f, =0.1.3-20210127.1838-76ab4fc, =0.1.4-20220614.0152-5ae0eef, =1.0.0-M6, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1-M3, =0.0.1-M19 and more...
LibreNMS security vulnerabilities
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Version 1.46 of LibreNMS contains a security vulnerability, which stems from improper...
CVE-2023-25964
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions...
CVE-2002-1943
SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request...
Malicious code in playwright-1.46 (npm)
Source: ghsa-malware (1b54a73f91f92e3252ca7711496e9a2cc0e1eabd2637f94a2bfdce96d1a94791). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Appsmith security vulnerabilities
Appsmith is an open source platform for building, deploying, and maintaining on-premise applications from Appsmith Open Source. A security vulnerability exists in Appsmith prior to version 1.46 that stems from the retrieval of AWS metadata credentials via cross-site request forgery...
PT-2024-34622 · Appsmith · Appsmith
Name of the Vulnerable Software and Affected Versions: AppSmith Community versions 1.8.3 through 1.46. Description: The issue allows for Server-Side Request Forgery (SSRF) via the New DataSource feature for application/json requests to the IP address 169.254.169.254, which is used to retrieve AWS...
CVE-2024-51408
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials...
br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)
org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2023-33202 Source advisory: OSV:GHSA-WJXJ-5M7G-MG7Q...
ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.10) +30303 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.70)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =4.4.0.0, =0.42.1, =0.1.12, =0.1.2, =0.28.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2023-33202 Source advisory: OSV:GHSA-WJXJ-5M7G-MG7Q...
CVE-2023-25964 WordPress We’re Open! Plugin <= 1.46 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions...
PT-2023-20391 · Unknown · Design Extreme We’re Open!
Name of the Vulnerable Software and Affected Versions: Design Extreme We’re Open! plugin versions 1.46 and earlier. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. Recommendations: For Design Extreme We’re...
WordPress We’re Open! Plugin <= 1.46 is vulnerable to Cross Site Scripting (XSS)
Software: We’re Open!; Type: Plugin; Vulnerable versions: <= 1.46; Fixed in: 1.47; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-25964; Patch priority: Low; CVSS severity: Low (5.9); PSID: 7dec04029e56; Credits: TaeEun Lee; Required privilege...
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
PT-2022-23017 · Patlite · Patlite NH-FB Series
Name of the Vulnerable Software and Affected Versions: Patlite NH-FB series devices through 1.46 Description: Remote attackers can cause a denial of service by omitting the query string. However, the vendor's perspective is that omitting the query string does not cause a denial of service and the...
ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +12972 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.60)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2020-26939 Source advisory: OSV:GHSA-72M5-FVVV-55M6...
Design/Logic Flaw
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers...
CVE-2018-20434
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers...