68 matches found
Tenable Nessus Agent Privilege Escalation Vulnerability (TNS-2026-01)
Tenable Nessus Agent is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
EUVD-2024-2302
Malicious code in bioql PyPI...
EUVD-2023-1304
Malicious code in bioql PyPI...
Mattermost Path Traversal vulnerability
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.1, 10.9.x = 10.9.3 fail to validate import directory path configuration which allows admin users to execute arbitrary code via malicious plugin upload to prepackaged plugins directory...
PT-2025-34282 · Esri · Esri Portal For Arcgis Enterprise Sites
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 through 11.4 Description: A stored Cross-site Scripting issue exists that may allow a remote, authenticated attacker to inject a malicious file containing an XSS script. When loaded, thi...
CVE-2023-2202
Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3...
CVE-2024-7125
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01...
Hitachi Ops Center Common Services 安全漏洞
Hitachi Ops Center Common Services is a component of Hitachi, Ltd. of Japan Hitachi that provides single sign-on functionality and a web portal for Ops Center products. A security vulnerability exists in Hitachi Ops Center Common Services version 10.9.3-00 through versions prior to 11.0.2-01. An...
Directus Security Vulnerabilities
Directus is a real-time Api and application dashboard. It is used to manage Sql database content. A security vulnerability exists in Directus versions prior to 10.9.3, which stems from allowing redirection when importing files from a URL and not checking the URL...
OPENSUSE-SU-2024:12360-1 libmariadbd-devel-10.9.3-1.1 on GA media
These are all security issues fixed in the libmariadbd-devel-10.9.3-1.1 package on the GA media of openSUSE Tumbleweed...
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings()
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spiderdbmbase::printwarnings to dereference a null pointer...
CVE-2023-3967
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00...
CVE-2023-3335
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00...
Design/Logic Flaw
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00...
Hitachi Ops Center Administrator Log Information Disclosure Vulnerability
Hitachi Ops Center Administrator is a management interface and tool for managing and monitoring Hitachi Hitachi storage devices from Hitachi, Ltd Hitachi, Japan. A log information disclosure vulnerability exists in Hitachi Ops Center Administrator versions prior to 10.9.3-00, which originates fro...
PT-2023-7100 · Hitachi · Hitachi Ops Center Administrator
Name of the Vulnerable Software and Affected Versions: Hitachi Ops Center Administrator versions prior to 10.9.3-00 Description: The issue is related to the insertion of sensitive information into log files, allowing local users to gain sensitive information. This is due to insufficient protectio...
RosarioSIS improper access control vulnerability
RosarioSIS prior to version 10.9.3 has a vulnerability that allows a user to return to a page containing personally identifiable information PII and sensitive information even after logging out of the application by using the browser's back button...
PT-2023-18362 · Unknown · Rosariosis
Name of the Vulnerable Software and Affected Versions: RosarioSIS versions prior to 10.9.3 Description: The issue allows a user to access a page containing personally identifiable information PII and sensitive information after logging out of the application by using the browser's back button. Th...
RosarioSIS 访问控制错误漏洞
RosarioSIS is a free and open source student information system. It is used to manage students, create reports and make sound decisions. An access control error vulnerability exists in RosarioSIS versions prior to 10.9.3, which stems from the presence of improper access control...
CVE-2023-2202 Improper Access Control in francoisjacquet/rosariosis
Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3...