14 matches found
@dyyxyzz/baileys-mod (>=6.0.32 <=6.0.54) potentially affected by unknown CVE via @daffadeveloper/libsignal-node (=0.0.1-security)
@daffadeveloper/libsignal-node NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on @daffadeveloper/libsignal-node and may be impacted: - @dyyxyzz/baileys-mod =6.0.32, =6.0.54 Source cves: unknown CVE Source advisory:...
CVE-2025-45754
A stored cross-site scripting (XSS) vulnerability exists in SeedDMS 6.0.32. This vulnerability allows an attacker to inject malicious JavaScript payloads by creating a document with an XSS payload as the document name...
SeedDMS Security Vulnerability
SeedDMS is an open source document management system based on PHP and MySQL. The system is mainly used for storing and sharing documents. SeedDMS version 6.0.32 has a security vulnerability that stems from the zip import function, which may lead to the executio...
SeedDMS Security Vulnerability
SeedDMS is an open source document management system based on PHP and MySQL. The system is mainly used for storing and sharing documents. A security vulnerability exists in SeedDMS version 6.0.32, which originates from stored cross-site scripting and could lead to the injectio...
PT-2025-22419
Name of the Vulnerable Software and Affected Versions: SeedDMS version 6.0.32. Description: A vulnerability in SeedDMS allows an attacker with admin privileges to execute arbitrary PHP code by exploiting the zip import functionality in the Extension Manager. Recommendations: For SeedDMS version 6.0.3...
PT-2025-22403
Name of the Vulnerable Software and Affected Versions: SeedDMS version 6.0.32. Description: A stored cross-site scripting (XSS) issue exists, allowing an attacker to inject malicious JavaScript payloads by creating a document with an XSS payload as the document name. Recommendations: For SeedDMS versio...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation through the parsing of X.509 certificates. An attacker can cause excessive CPU consumption and disrupt service by submitting a specially crafted malicious certificate. Remediation: Upgrade...
2024-07 .NET 6.0.32 Security Update for x86 Client (KB5041080)
2024-07 .NET 6.0.32 Security Update for ARM64 Client (KB5041080)
GHSA-GVGC-RXMH-5HVW Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...
OTRS Cross-Site Scripting Vulnerability
OTRS is a service management application from the German company OTRS AG. A cross-site scripting vulnerability exists in OTRS that could allow an attacker to create an email containing a specially crafted link to perform an XSS attack. The following products and versions are...
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache Tomcat is prone to a remote information-disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
Apache Tomcat is prone to a remote information-disclosure vulnerability.
Apache Tomcat 6.0.x < 6.0.32 Denial of Service Vulnerability
Binary data 800599.prm...