17 matches found
com.farcsal.dql:query-es (=0.8.0), com.github.msarhan:elasticsearch-analysis-arabic (>=1.2.0 <=1.4.0) +11 more potentially affected by CVE-2024-43709 via org.elasticsearch:elasticsearch (>=8.0.0 <=8.13.2)
org.elasticsearch:elasticsearch MAVEN version =8.0.0, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =1.6.es801.0, =8.0.0, =8.13.2 Source cves: CVE-2024-43709 Source advisory: OSV:GHSA-JGX4-7V3V-VWFM...
GitLab 8.9.x - 8.10.12, 8.11.x - 8.11.9, 8.12.x - 8.12.7, 8.13.x - 8.13.2 Directory Traversal Vulnerability
GitLab is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...
Atlassian Jira 8.6.x < 8.13.2 Insecure Direct Object References
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.10 or 8.6.x < 8.13.2. It is, therefore, affected by an Insecure Direct Object References (IDOR) vulnerability allowing remote attackers to view the metadata of boards they...
CVE-2021-20079
Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host...
Tenable Nessus <= 8.13.2 Privilege Escalation Vulnerability (TNS-2021-07)
Tenable Nessus is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus";...
Tenable Nessus 8.9.0 < 8.13.2 Multiple Vulnerabilities (TNS-2021-05)
According to its self-reported version, the Tenable Nessus application running on the remote host is 8.9.0 prior to 8.13.2. It is, therefore, affected by multiple vulnerabilities: - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a...
[R1] Nessus 8.13.2 Fixes Multiple Third-party Vulnerabilities
Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade t...
Atlassian JIRA < 8.5.10 / 8.6.x < 8.13.2 Information Disclosure (JRASERVER-72002)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is affected by an information disclosure vulnerability in its boards component due to missing permission checks. An authenticated, remote attacker can exploit this, to enumerate board...
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2...
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2...
Board metadata is viewable without permissions via IDOR - CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2. ...
GitLab unauthorized access vulnerability can lead to remote command execution-vulnerability warning-the black bar safety net
GitLab is an open-source application developed with Ruby on Rails that implements a self-hosted Git project repository, with public or private projects accessed through a web interface. 2016 years 11 months to 3 December, the United States the congregation measured platform HackerOne announce...
Sendmail 8.12.x 'X-header' Remote Heap Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34944/info Sendmail is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer. Successfully exploiting this...
Sendmail 8.12.x - X-header Remote Heap Buffer Overflow (PoC)
Sendmail 8.12.x - X-header Remote Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/34944/info Sendmail is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer...
Sendmail < 8.13.2 Mail X-Header Handling Remote Overflow
The remote host is running a version of the Sendmail mail server earlier than 8.13.2. Such versions are reportedly affected by a remote buffer overflow vulnerability. An attacker could leverage this flaw to execute arbitrary code with the privileges of the affected application. (C) Tenable Network...
Sendmail Buffer Overflow Vulnerability
The host is running Sendmail and is prone to Buffer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbsendmailbofvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Sendmail Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
Sendmail Buffer Overflow Vulnerability
Sendmail is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sendmail:sendmail";...