27 matches found
EUVD-2023-1232
Malicious code in bioql PyPI...
EUVD-2023-1210
Malicious code in bioql PyPI...
EUVD-2023-1163
Malicious code in bioql PyPI...
CVE-2023-29015
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted comment, resulting ...
CVE-2023-29014
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
IBM Security Verify Access 输入验证错误漏洞
IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...
RHEL 9 : ovn23.03 (RHSA-2024:1394)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1394 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
Security Bulletin: IBM Security Verify Access OpenID Connect Provider container has fixed a vulnerability (CVE-2022-43867)
Summary A Security Vulnerability has been addressed in the IBM Security Verify Access OpenID Connect OIDC Provider container. Vulnerability Details CVEID:CVE-2022-43876 DESCRIPTION: IBM Security Verify Access OIDC Provider allows web pages to be stored locally which can be read by another user on...
Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter
Impact A reflected cross-site scripting vulnerability has been identified in Goobi viewer core when evaluating the LOGID parameter. An attacker could trick a user into following a specially crafted link to a Goobi viewer installation, resulting in the execution of malicious script code in the...
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
GHSA-622W-995C-3C3H Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
GHSA-2R9R-8FCG-M38G Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
Impact A cross-site scripting vulnerability has been identified in Goobi viewer core when using nicknames. An attacker could create a user account and enter malicious scripts into their profile's nickname, resulting in the execution in the user's browser when displaying the nickname on certain...
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
Impact A cross-site scripting vulnerability has been identified in Goobi viewer core when using nicknames. An attacker could create a user account and enter malicious scripts into their profile's nickname, resulting in the execution in the user's browser when displaying the nickname on certain...
CVE-2023-29014
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
CVE-2023-29016
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
Cross site scripting
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...