8 matches found
Astra Linux – Vulnerability in Ruby-Rack
There is a denial-of-service vulnerability in the Content-Disposition parsing component of Rack, which was fixed in versions 2.0.9.2, 2.1.4.2, 2.2.4.1, and 3.0.0.1. This vulnerability could allow an attacker to create an input that causes the Content-Disposition header parsing in Rack to take an...
EUVD-2024-28428
Malicious code in bioql PyPI...
CVE-2024-30508
Missing Authorization vulnerability in ThimPress WP Hotel Booking.This issue affects WP Hotel Booking: from n/a through 2.0.9.2...
PT-2024-23435 · Thimpress · Thimpress Wp Hotel Booking
Name of the Vulnerable Software and Affected Versions: ThimPress WP Hotel Booking versions 2.0.9.2 and earlier Description: A Missing Authorization issue affects ThimPress WP Hotel Booking, allowing unauthorized access. Recommendations: For ThimPress WP Hotel Booking versions 2.0.9.2 and earlier,...
CVE-2022-44572
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker tocraft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of servi...
DEBIAN-CVE-2022-44571
There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rackto take an unexpected amount of time, possibly...
CVE-2020-4649
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 expose data to non-privileged users due to not invalidating TM1Web sessions (information disclosure). The issue affects Local 2.0.9.2 and Workspace 57, with remediation in IBM Planning Analytics Local 2.0.9.3 and Plannin...
CVE-2005-0743
The custom avatar uploading feature uploader.php for XOOPS 2.0.9.2 and earlier allows remote attackers to upload arbitrary PHP scripts, whose file extensions are not filtered...