13 matches found
VulnCheck KEV: CVE-2024-45216
Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path will allow requests to skip...
EUVD-2025-7726
Malicious code in bioql PyPI...
CVE-2025-26976
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent private-content. This issue affects PrivateContent: from n/a through <= 8.11.4...
CVE-2025-26976
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent private-content. This issue affects PrivateContent: from n/a through <= 8.11.4...
WordPress plugin PrivateContent SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress PrivateContent plugin <= 8.11.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin PrivateContent versions <= 8.11.4...
Insecure Default Initialization of Resource vulnerability in Apache Solr
New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to "trusted"...
CVE-2024-45216 Apache Solr: Authentication bypass possible using a fake URL Path ending
Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path will allow requests to skip...
Security Bulletin: Cryptography-41.0.3 and cryptography-41.0.5 is vulnerable to CVE-2023-49083 used in IBM Maximo Application Suite - Edge Data Collector
Summary: IBM Maximo Application Suite - Edge Data Collector uses cryptography-41.0.3-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-41.0.5-cp37-abi3-manylinux_2_28_x86_64.whl, which is vulnerable to CVE-2023-49083. Vulnerability Details: CVEID: CVE-2023-49083. DESCRIPTION: Cryptography package for Python...
Security Bulletin: urllib3 is vulnerable to CVE-2023-45803 used in IBM Maximo Application Suite - Monitor Component
Summary: IBM Maximo Application Suite - Monitor Component uses urllib3, which is vulnerable to CVE-2023-45803. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details: CVEID: CVE-2023-45803. DESCRIPTION: urllib3 could allow a remote authenticated attacker to obta...
Security Bulletin: PyArrow is vulnerable to CVE-2023-47248 used in IBM Maximo Application Suite - Monitor Component
Summary: IBM Maximo Application Suite - Monitor Component uses PyArrow, which is vulnerable to CVE-2023-47248. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details: CVEID: CVE-2023-47248. DESCRIPTION: PyArrow could allow a remote authenticated attacker to...
Vulnerability fixed in Atlassian Bitbucket
Atlassian has fixed a vulnerability in Bitbucket. A malicious party could exploit the vulnerability to execute arbitrary code, possibly with elevated privileges. For successful abuse, the malicious party must be authenticated. Atlassian has released updates to fix the...
Security update for nodejs8 (moderate)
This update for nodejs8 to version 8.11.4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer (bsc#1105019) - Upgrade to OpenSSL 1.0.2p, which fixed: -...