CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

CVE-2025-52987 Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

PT-2026-3103

Name of the Vulnerable Software and Affected Versions Juniper Networks Paragon Automation Pathfinder, Planner, Insights versions prior to 24.1.1 Description A clickjacking issue exists in the web portal of Juniper Networks Paragon Automation Pathfinder, Planner, Insights. This is due to the...

CVE-2024-4187

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

Galaxy 跨站脚本漏洞

Galaxy is an open source platform for FAIR data analysis open-sourced by the Galaxy Project. A cross-site scripting vulnerability exists in Galaxy versions prior to 24.1.1, which stems from an attacker being able to trick a user into executing arbitrary javascript code when the user is visually...

CVE-2024-4187

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites...

CVE-2024-4187 Stored XSS vulnerability has been discovered in OpenText™ Filr. The vulnerability could cause users to not be warned when clicking links to external sites.

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites...

PT-2024-29608 · Opentext · Opentext Filr

Name of the Vulnerable Software and Affected Versions: OpenText Filr versions 24.1.1 through 24.2 Description: A Stored XSS issue has been found, which could prevent users from receiving warnings when clicking on links to external sites. Recommendations: For versions 24.1.1 and 24.2, update to a...

PT-2024-25945 · Syracuse · Avantra Server

Name of the Vulnerable Software and Affected Versions: Avantra Server versions 24.0.0 through 24.0.6 Avantra Server versions 24.1.0 through 24.1.0 Description: The issue concerns the mishandling of dashboard security. If a user can create a dashboard with an auto-login user, data disclosure may...

PT-2024-24094 · Openstack · Ironic-Image

Name of the Vulnerable Software and Affected Versions: Ironic-image versions prior to 24.1.1 Description: The issue affects Ironic-image, an OpenStack Ironic deployment packaged and configured by Metal3, when the reverse proxy mode is enabled by setting the IRONIC REVERSE PROXY SETUP variable to...

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Mac OS X

Adobe Photoshop is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security Bulletin: Vulnerability in Google Guava affects IBM Cúram Social Program Management (CVE-2018-10237)

Summary IBM Cúram Social Program Management uses the Google Guava library indirectly through Google Guice. In versions of Google Guava library before version 24.1.1, an unbounded memory allocation vulnerability enables remote attackers to conduct denial of service attacks against servers that...

UBUNTU-CVE-2018-10237

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class when serialized with Java serialization...

Firefox ESR 24.x < 24.1.1 NSS and NSPR Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is a version prior to 24.1.1 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. CVE-2013-1741 - An error exists in the...