CVE-2023-35777

Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through = 6.1.2.2...

WordPress plugin The Events Calendar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2023-41835

When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or greater, which...

CVE-2023-41835

When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or greater, which...

Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)

Summary IBM Sterling B2B Integrator uses Apache James MIME4J. Vulnerability Details CVEID: CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

Security Bulletin: IBM Sterling B2B Integrator affected by remote code execution due to Snake Yaml (CVE-2022-1471)

Summary IBM Sterling B2B Integrator uses Snake Yaml. Vulnerability Details CVEID: CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class. By using a specially-crafted ya...

PT-2023-7509 · Atlassian +1 · Confluence +1

Name of the Vulnerable Software and Affected Versions: Apache Struts versions prior to 2.5.32 Apache Struts versions prior to 6.1.2.2 Apache Struts versions prior to 6.3.0.1 Confluence Data Center versions from 7.17.0 to 8.8.0 excluding 8.8.0 Confluence Data Center versions from 8.0.0 to 8.0.4...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Scale packaged in IBM Elastic Storage System (CVE-2021-39031)

Summary There is a vulnerability in IBM WebSphere Application Server Liberty, used by IBM Elastic Storage System, which could allow a remote attacker to cause a denial of service. Vulnerability Details CVEID:CVE-2021-39031 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through...

Security Bulletin: Linux Kernel vulnerability may affect IBM Elastic Storage System (CVE-2021-4083)

Summary There are security vulnerabilities in versions of Linux Kernel that are shipped with versions of IBM Elastic Storage System. A fix for these vulnerabilities is available. Vulnerability Details CVEID: CVE-2021-4083 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated...

CVE-2016-0498

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows local users to affect confidentiality via unknown vectors related to Install...