
16 matches found

CVE
added 2026/01/21 5:27 p.m., 5 views

CVE-2021-47853

phpPgAdmin 7.13.0 is affected by a remote command execution vulnerability described in Red Hat CVE-2021-47853, where an authenticated attacker can manipulate SQL queries to run arbitrary operating system commands via COPY FROM PROGRAM after creating a table and uploading a crafted .txt file. This...

6.5 AI score, 0.00262 EPSS
Exploits: 0
OSV
added 2025/12/12 9:46 a.m., 1 views

OPENSUSE-SU-2025:20159-1 Security update for keylime

This update for keylime fixes the following issues: Update to version 7.13.0+40. Security issues fixed: - CVE-2025-13609: possible agent identity takeover due to registrar allowing the registration of agents with duplicate UUIDs bsc1254199. - CVE-2025-1057: registrar denial-of-service due to...

8.2 CVSS, 6.1 AI score, 0.00365 EPSS
Exploits: 0, References: 4
Debian CVE
added 2025/11/20 12:0 a.m., 3 views

CVE-2025-60796

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. User-supplied input from $REQUEST parameters is reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php, admin.ph...

6.1 CVSS, 5.5 AI score, 0.00191 EPSS
Exploits: 0
Cvelist
added 2025/11/20 12:0 a.m., 6 views

CVE-2025-60796

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. User-supplied input from $REQUEST parameters is reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php, admin.ph...

0.00191 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2025/11/17 12:0 a.m., 2 views

PT-2025-47583

Name of the Vulnerable Software and Affected Versions: phpPgAdmin versions 7.13.0 and earlier. Description: phpPgAdmin versions 7.13.0 and earlier contain a SQL injection issue in the display.php file at line 396. The application directly uses user-provided input from the query parameter in the $...

6.8 CVSS, 7.6 AI score, 0.00241 EPSS
Exploits: 0, References: 20
CVE
added 2025/11/10 9:33 p.m., 13 views

CVE-2025-64484

OAuth2-Proxy is affected by a header smuggling vulnerability where authenticated users can exploit underscores in HTTP header names (e.g., X_Forwarded_For) to bypass upstream header filtering, potentially escalating privileges in the application behind the proxy. The issue occurs in deployments t...

8.5 CVSS, 6.5 AI score, 0.00611 EPSS
Exploits: 0, References: 5
Patchstack
added 2024/08/07 12:0 a.m., 13 views

WordPress Modern Events Calendar Plugin <= 7.12.1 is vulnerable to Server Side Request Forgery (SSRF)

Software: Modern Events Calendar; Type: Plugin; Vulnerable versions: <= 7.12.1; Fixed in: 7.13.0; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-6522; Patch priority: Low; CVSS severity: Low 6.4; PSID: 2c1730c6aa47; Credits: Foxyyy; Required...

9.6 CVSS, 8.6 AI score, 0.00405 EPSS
Exploits: 0, References: 2, Affected Software: 1
RedHat Linux
added 2024/05/23 10:45 p.m., 87 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.13.0 release and security update

Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, whic...

9.3 CVSS, 6.6 AI score, 0.8581 EPSS
Exploits: 9, References: 16
Tenable Nessus
added 2023/12/20 12:0 a.m., 56 views

Elastic Kibana 7.13.0 < 7.17.16, 8.0 < 8.11.2 Information Disclosure (ESA-2023-27)

The version of the Elastic Kibana instance on the remote host is 7.13.0 prior to 7.17.16 or 8.0 prior to 8.11.1. It is, therefore, affected by an information disclosure vulnerability. In the event of an infrequent error returned from an Elasticsearch cluster, in cases where there is user...

8 CVSS, 6.8 AI score, 0.00608 EPSS
Exploits: 0, References: 2
CNNVD
added 2023/12/13 12:0 a.m., 1 views

Elastic Kibana Log Information Disclosure Vulnerability

Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A log message disclosure vulnerability exists in Elastic Kibana versions 7.13.0 through 7.17.16 and 8.0...

8 CVSS, 6 AI score, 0.00608 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2023/03/14 12:0 a.m., 7 views

Atlassian Jira 7.13.0 < 7.6.17 Information Disclosure In Comment Restriction Feature

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.0. It is, therefore, affected by a vulnerability which permits remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment...

6.5 CVSS, 6.8 AI score, 0.01864 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2023/03/14 12:0 a.m., 10 views

Atlassian Jira 7.13.0 < 7.13.12 Improper Authorization In Workflowresource Class

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to version 7.13.12, 8.0.0 prior to 8.4.3 or 8.5.0 prior to 8.5.2. It is, therefore, affected by a vulnerability which permits authenticated remote attackers who do not have...

4.3 CVSS, 7.2 AI score, 0.0121 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2023/03/14 12:0 a.m., 39 views

Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4, 8.0.0 prior to 8.0.4 or 8.1.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers w...

8.1 CVSS, 6.5 AI score, 0.59832 EPSS
Exploits: 2, References: 6
Tenable Nessus
added 2023/03/14 12:0 a.m., 34 views

Atlassian Jira 7.13.x < 7.13.4 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4 or 8.0.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers to inject arbitrary HTM...

6.1 CVSS, 5.3 AI score, 0.12719 EPSS
Exploits: 0, References: 4
OpenVAS
added 2022/11/21 12:0 a.m., 20 views

Elastic Kibana URL Redirection Vulnerability (ESA-2021-12)

Elastic Kibana is prone to an URL redirection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...

6.1 CVSS, 6.4 AI score, 0.00537 EPSS
Exploits: 0, References: 1
Cvelist
added 2019/12/17 8:55 p.m., 31 views

CVE-2019-17337 TIBCO Spotfire Server Library Vulnerable to Reflected Cross-Site Scripting

The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'...

8.1 CVSS, 5.4 AI score, 0.00727 EPSS
Exploits: 0, References: 2