10 matches found
Fedora 36 : ckeditor (2022-b61dfd219b)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b61dfd219b advisory. CKEditor 4.20 New Features: 5084: Added the config.tabletoolsscopedHeaders configuration option controlling the behaviour of table headers with and...
Oracle WebCenter Sites (Oct 2022 CPU)
The 12.2.1.3.0 and 12.2.1.4.0 versions of WebCenter Sites installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: Centralized Thirdparty Jars...
Oracle Business Intelligence Publisher 5.9.x < 5.9.0(OAS) (Oct 2022 CPU)
The versions of Oracle Business Intelligence Enterprise Edition OAS installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites...
Oracle Business Intelligence Publisher 5.9.x < 5.9.0 (OAS) (Oct 2022 CPU)
The versions of Oracle Business Intelligence Enterprise Edition OAS installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites...
Vulnerabilities fixed in Oracle Siebel CRM
Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the...
Drupal 9.3.x < 9.3.8 Third-Party Library Vulnerability
According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities due to its usage of a third party component, CKEditor, for WYSIWYG editing: - A vulnerability ha...
ferris-rich-input (=0.0.1) potentially affected by CVE-2022-24728 +1 more via ckeditor4 (=4.14.0)
ckeditor4 NPM version =4.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on ckeditor4 and may be impacted: - ferris-rich-input =0.0.1 Source cves: CVE-2022-24728, CVE-2022-24729 Source advisory: OSV:GHSA-4FC4-4P5G-6W89...
CVE-2022-24729
creationtimestamp| type| source ---|---|--- 2022-03-16 19:20:38+00:00| seen| https://t.me/cibsecurity/39104 2025-08-26 17:31:10+00:00| seen| Telegram/pUCZ-fWRLHCVl8pwxsUnrpisV10tVL6OBw7DzGJDDglBO5E...
CVE-2022-24729
CVE-2022-24729 affects CKEditor4 prior to 4.18.0, where the dialog plugin has a vulnerability in the input validator regex that can cause a severe performance drop, leading to browser tab freeze (ReDoS). The issue is documented with a confirmed remediation: upgrade to CKEditor4 4.18.0 or newer. C...
Drupal 9.2.x < 9.2.15 / 9.3.x < 9.3.8 Multiple Vulnerabilities (drupal-2022-03-16)
According to its self-reported version, the instance of Drupal running on the remote web server is 9.2.x prior to 9.2.15 or 9.3.x prior to 9.3.8. It is, therefore, affected by multiple vulnerabilities. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to...