EUVD-2019-13115

Malware in sbrugna...

GHSA-8M2R-X2M2-3WMW Duplicate Advisory: Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xr3m-6gq6-22cg. This link is maintained to preserve external references. Original Description A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown...

Duplicate Advisory: Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xr3m-6gq6-22cg. This link is maintained to preserve external references. Original Description A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown...

CVE-2024-11954

A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...

CVE-2024-11954

A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulation leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publ...

PT-2025-1723 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: Pimcore version 11.4.2 Description: A problematic issue was found in the Search Document component, leading to basic cross site scripting. The manipulation can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2023-37267 Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions

Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1...

CVE-2023-37267 Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions

Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1...

PT-2023-25870 · Umbraco · Umbraco

Name of the Vulnerable Software and Affected Versions: Umbraco versions prior to 10.6.1 Umbraco versions prior to 11.4.2 Umbraco versions prior to 12.0.1 Description: Under rare conditions, a restart of Umbraco can allow unauthorized users to gain admin-level permissions, potentially leading to...

GitLab <= 11.2.6, 11.3.x - 11.3.7, 11.4.x - 11.4.2 Multiple Vulnerabilities

GitLab is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...

GitLab 10.4.x - 11.2.6, 11.3.x - 11.3.7, 11.4.x - 11.4.2 XSS Vulnerability

GitLab is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

CVE-2019-3477

Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen3 (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen3. Vulnerability Details CVEID: CVE-2015-0235 The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but valid hostna...

Security Bulletin: IBM XIV Gen3 Storage System is exposed to the following OpenSSL vulnerability: CVE-2014-0224

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. IBM XIV Gen3 Storage System is exposed to CVE-2014-0224. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused...