PT-2026-1890

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache versions prior to 3.0.3 Description A missing authorization issue exists in Aruba HiSpeed Cache. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations Update...

CVE-2023-2021

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3...

PT-2024-31479 · Nintendo · Mario Kart 8 Deluxe +1

Name of the Vulnerable Software and Affected Versions: Mario Kart 8 Deluxe versions prior to 3.0.3 Description: The issue is caused by a stack-based buffer overflow in the LAN/LDN local multiplayer implementation, allowing a remote attacker to exploit it upon deserialization of session informatio...

Apache Superset 跨站脚本漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A cross-site scripting vulnerability exists in Apache Superset versions prior to 3.0.3, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can ...

PT-2023-20425 · Wpchill · Wpchill Strong Testimonials

Name of the Vulnerable Software and Affected Versions: WPChill Strong Testimonials plugin versions prior to 3.0.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with contributor or higher permissions. Recommendations: For WPChill Strong...

PT-2022-24468 · WordPress · The Floating Chat Widget

Name of the Vulnerable Software and Affected Versions: The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin versions prior to 3.0.3 Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter...

UBUNTU-CVE-2022-39047

Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL...

PT-2021-17103 · Unknown · Merge-Deep

Name of the Vulnerable Software and Affected Versions: merge-deep library versions prior to 3.0.3 Description: The issue allows an attacker to trick the library into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in t...

CVE-2020-2506

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk...

CVE-2020-2507

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3...

QNAP Systems Helpdesk 安全漏洞

Qnap Systems QNAP Systems Helpdesk is a helpdesk application from China Wizlink Qnap Systems. An Access Control Error vulnerability exists in QNAP Systems Helpdesk versions prior to 3.0.3, which arises from improper access control and can be exploited by an attacker to gain control of a QNAP devi...

PT-2020-17354 · Mersive · Solstice Pod

Name of the Vulnerable Software and Affected Versions: Solstice Pod versions prior to 3.0.3 Description: The firmware of the affected versions can be easily decompiled or disassembled, and the resulting files contain non-obfuscated code. It is unclear whether the lack of obfuscation directly caus...

Mayan EDMS Cross-Site Scripting Vulnerability

Mayan EDMS is a document management system developed by software developer Roberto Rosario. The system supports electronic signatures, version control, optical character recognition, etc. Tags app is one of the tag management applications. A cross-site scripting vulnerability exists in the Tags a...

NetIQ iManager Authentication Vulnerability

NetIQ iManager is a WEB-based application from American NetIQ. You can use wireless devices to manage and configure eDirectory objects. A security vulnerability exists in NetIQ iManager versions prior to 3.0.3 that originates when the program sends an SSL private key from a Java application to...