16 matches found

Patchstack
added 2026/05/19 3:55 p.m. · 8 views

NPM: n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

NPM: n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions vulnerability discovered by ? in WordPress Npm n8n versions 2.19.3...

5.8 AI score
Exploits 0 · References 2 · Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-46687

Malicious code in bioql PyPI...

9.1 CVSS · 9 AI score · 0.00173 EPSS
Exploits 0 · References 4
RedHat Linux
added 2025/09/29 5:16 p.m. · 2 views

Important: Red Hat Security Advisory: RHOAI 2.19.3 - Red Hat OpenShift AI

Updated images are now available for Red Hat OpenShift AI. Release of RHOAI 2.19.3 provides these changes:...

9.9 CVSS · 6.2 AI score · 0.00178 EPSS
Exploits 0 · References 4
NVD
added 2024/10/09 11:15 p.m. · 19 views

CVE-2024-48933

A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that allows special HTML characters...

6.1 CVSS · 0.00222 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/10/09 12:0 a.m. · 1 views

PT-2024-33281 · Unknown · Lemonldap::Ng

Name of the Vulnerable Software and Affected Versions: LemonLDAP::NG versions prior to 2.19.3. Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that...

8.8 CVSS · 5.8 AI score · 0.00222 EPSS
Exploits 0 · References 18
SUSE CVE
added 2023/02/15 4:35 a.m. · 1 views

SUSE CVE-2017-18214

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...

7.5 CVSS · 6 AI score · 0.0023 EPSS
Exploits 0 · References 3
RedHat Linux
added 2023/01/31 1:15 p.m. · 3 views

nodejs-moment: Regular expression denial of service

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...

7.8 CVSS · 7.3 AI score · 0.02708 EPSS
Exploits 1 · References 4
OSV
added 2022/11/27 4:15 a.m. · 1 views

UBUNTU-CVE-2022-43705

In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016)...

9.1 CVSS · 5.8 AI score · 0.00173 EPSS
Exploits 0 · References 11
CNNVD
added 2022/11/23 12:0 a.m. · 3 views

Botan Trust Management Issue Vulnerability

Botan is a library of cryptographic algorithms written in C++. It supports a variety of algorithms such as AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan versions 1.11.34 and later up to 2.19.3, which stems from a certificate validation error and can be...

9.1 CVSS · 6.8 AI score · 0.00173 EPSS
Exploits 0 · References 4
OSV
added 2018/03/05 6:35 p.m. · 0 views

GHSA-446M-MV8F-Q348 Regular Expression Denial of Service in moment

Affected versions of moment are vulnerable to a low severity regular expression denial of service when parsing dates as strings. Recommendation: Update to version 2.19.3 or later...

7.5 CVSS · 6.7 AI score · 0.0023 EPSS
Exploits 0 · References 8
Node.js
added 2017/09/21 8:40 p.m. · 61 views

Regular Expression Denial of Service

Overview: Affected versions of moment are vulnerable to a low severity regular expression denial of service when parsing dates as strings. Recommendation: Update to version 2.19.3 or later. References: Issue 4163, PR 4326, GitHub Advisory...

6.7 AI score
Exploits 0 · Affected Software 1
Positive Technologies
added 2017/09/08 12:0 a.m. · 2 views

PT-2017-4100 · Moment.Js +2 · Moment +2

Name of the Vulnerable Software and Affected Versions: moment versions prior to 2.19.3. Description: The issue is related to a regular expression denial of service via a crafted date string. It allows a remote attacker to cause a denial of service. The vulnerability is associated with an...

7.8 CVSS · 6.3 AI score · 0.02708 EPSS
Exploits 1 · References 27
seebug.org
added 2007/08/08 12:0 a.m. · 34 views

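GNOME Display Manager G_Strsplit Function Local Denial of Service Vulnerability

BUGTRAQ ID: 25191 CVE ID: CVE-2007-3381 CNCVE ID: CNCVE-20073381 GNOME Display Manager is the display manager for GNOME. The GStrsplit function in GNOME Display Manager does not correctly handle GDM socket commands, and a local attacker can exploit the vulnerability to carry out a denial of service attack against the application. Constructing a special GDM packet command causes GDM to stop managing displays, resulting in a denial of service. No detailed vulnerability information is currently available. GNOME GDM 2.19.4 GNOME GDM 2.19.3 GNOME GDM 2.19.2 GNOME GDM 2.19.1 GNOME GDM...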

1.5 CVSS · 6.3 AI score · 0.00079 EPSS
Exploits 1
Cvelist
added 2006/02/28 11:0 a.m. · 21 views

CVE-2006-0916

Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain...

6 AI score · 0.00743 EPSS
Exploits 0 · References 7
securityvulns
added 2005/07/09 12:0 a.m. · 28 views

Security Advisory for Bugzilla 2.18.1 and 2.19.3

Summary: Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. This advisory covers two security bugs that have recently been discovered and fixed in the Bugzilla code: + Any user can change a flag on any bug. This also allows the attacker to expose the...

6.8 AI score
Exploits 0
Tenable Nessus
added 2005/05/12 12:0 a.m. · 14 views

Bugzilla < 2.19.3 Information Disclosure

Binary data 2900.prm...

7.5 CVSS · 7.3 AI score · 0.01819 EPSS
Exploits 2 · References 4