4 matches found
CVE-2025-58644
Deserialization of Untrusted Data vulnerability in enituretechnology LTL Freight Quotes - TQL Edition ltl-freight-quotes-tql-edition allows Object Injection.This issue affects LTL Freight Quotes - TQL Edition: from n/a through = 1.2.6...
PT-2024-25481 · Lunary · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions 1.2.2 through 1.2.6 Description: The issue allows unprivileged users to re-generate the private key for projects they do not have access to. Specifically, a user with a 'Member' role can issue a request to regenerate...
PT-2022-20168 · Anker · Anker Connect Plugin
Name of the Vulnerable Software and Affected Versions: 5 Anker Connect plugin versions 1.2.6 and earlier Description: The issue is an authenticated reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts into the website, which woul...
PT-2022-17151 · Jenkins · Jenkins Swamp Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SWAMP Plugin versions 1.2.6 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified web server using attacker-specified credentials. The vulnerability is due to a...