21 matches found
json-2-csv Security Vulnerability
json-2-csv is a JSON-to-CSV conversion tool developed by Michael Rodrigues. Versions of json-2-csv from 3.15.0 to 5.5.11 had security vulnerabilities. These vulnerabilities stemmed from the possibility of bypassing the preventCsvInjection option, allowing attackers to inject formulas into the CSV...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004027)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004027 advisory. An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004721)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004721 advisory. An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
EUVD-2025-22728
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-29370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c7...
Simplehelp Security Vulnerability
SimpleHelp is a remote support software from SimpleHelp, Inc. A security vulnerability exists in Simplehelp versions prior to 5.5.11 that stems from vulnerability to cross-site request forgery attacks...
PT-2024-1986 · Ibm · Ibm Filenet Content Manager
Name of the Vulnerable Software and Affected Versions: IBM CP4BA - Filenet Content Manager Component versions 5.5.8.0 through 5.5.11.0 Description: The issue is related to insufficient access control in the IBM FileNet Content Manager component, which could allow a user to gain the privileges of...
CVE-2020-29370
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
PT-2020-4971 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.5.11 Description: The issue is related to the kmem cache alloc bulk function in the Linux kernel, specifically in the mm/slub.c file. It is associated with errors in executing multithreaded tasks, known as a...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2019-10019)
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in Nagios XI versions prior to 5.5.11. An attacker can exploit this vulnerability to injec...
CVE-2019-9165
SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id...
CVE-2019-9166
Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php and import_xiconfig.php...
PT-2019-19406 · Nagios · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.5.11 Description: A SQL injection issue allows attackers to execute arbitrary SQL commands via the API when using fusekeys and a malicious user id. Recommendations: For versions prior to 5.5.11, update to version...
PT-2019-19405 · Nagios · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.5.11 Description: The issue allows authenticated users to execute arbitrary remote commands via a new autodiscovery job. There have been reports of cross-site scripting XSS that can lead to root remote code...
WordPress HpHospital 1.0 Database Disclosure
Exploit Title : WordPress HpHospital Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Exploit Risk : Medium Version Information : 1.0...
iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability
Exploit for java platform in category remote exploits Product: iText PDF Library Vendor: iText Group CVE ID: CVE-2017-9096 Subject: XML External Entity Attack XXE Risk: Medium Effect: Remotely exploitable Author: Benjamin Bruppacher Date: 2017-11-06 Introduction: ------------- iText is a software...
Cross site scripting
Cross-site scripting XSS vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935...
CVE-2015-6402
CVE-2015-6402 is a cross-site scripting (XSS) vulnerability in the management interface of the Cisco EPC3928 Wireless Residential Gateway (EDVA 5.5.10, 5.5.11, 5.7.1). The issue allows remote attackers to inject arbitrary web script or HTML via an unspecified value. Cisco advises that no software...
Fedora 19 : php-5.5.11-1.fc19 (2014-4735)
03 Apr 2014, PHP 5.5.11 Core : - Allow zero length comparison in substr_compare Tjerk - Fixed bug 60602 proc_open changes environment array Tjerk SPL : - Added feature 65545 SplFileObject::fread Tjerk cURL : - Fixed bug 66109 Can't reset CURLOPT_CUSTOMREQUEST to default behaviour Tjerk - Fix...
Fedora 20 : php-5.5.11-1.fc20 (2014-4767)
03 Apr 2014, PHP 5.5.11 Core : - Allow zero length comparison in substr_compare Tjerk - Fixed bug 60602 proc_open changes environment array Tjerk SPL : - Added feature 65545 SplFileObject::fread Tjerk cURL : - Fixed bug 66109 Can't reset CURLOPT_CUSTOMREQUEST to default behaviour Tjerk - Fix...