@ekyc_qoobiss/qbs-cid-cmp (>=1.0.5 <=1.5.9), @ekyc_qoobiss/qbs-ect-cmp (>=1.2.0 <=4.8.0) +48 more potentially affected by CVE-2023-26487 via vega-functions (>=5.10.0 <=5.12.1)
vega-functions NPM version =5.10.0, =1.0.5, =1.2.0, =0.0.2, =0.1.2, =1.0.0, =1.0.7, =0.6.2, =1.0.1, =0.1.0, =1.1.6 and more Source cves: CVE-2023-26487 Source advisory: OSV:GHSA-W5M3-XH75-MP55...
Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution
Remote Code Execution in Kardex MLOG. Product: Kardex Mlog MCC. Vendor: Kardex Holding AG. Tested Version: 5.7.12+0-a203c2a213-master. Fixed Version: inline patch - no new version number. Vulnerability Type: Improper Control of...
SUSE CVE-2005-4900
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is...
SUSE CVE-2019-8607
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of proces...
SUSE CVE-2022-27379
An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements...
Drupal H5P Module 2.0.0 Zip Slip Traversal
Drupal H5P Module statIndex$i'name'; 892. 893. if pregmatch'/^.|/./', $fileName !== 0 894. continue; // Skip any file or folder starting with a . or 894. This regex check should be enough to prevent path traversal attacks through...
@aothechbcn/frontend-idealbar--lib-idealbar (>=1.0.0 <=1.0.10), @brigad/redux-rest-easy (>=3.0.0 <=3.0.3) +54 more potentially affected by CVE-2022-24999 via qs (=6.6.0)
qs NPM version =6.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on qs and may be impacted: - @aothechbcn/frontend-idealbar--lib-idealbar =1.0.0, =3.0.0, =0.92.0, =1.0.1, =1.0.0, =5.1.0, =13.1.1-5e9b77d, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 -...
CVE-2022-39393 Wasmtime vulnerable to data leakage between instances in the pooling allocator
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously ...
CVE-2022-44548
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing...
CVE-2022-35156
Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php...
CVE-2022-2154
...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21609 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.26)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21609 Source advisory: OSV:GHSA-4625-Q52W-39CX...
CVE-2022-1116
creationtimestamp| type| source
---|---|---
2022-05-17 20:27:53+00:00| seen| https://t.me/cibsecurity/42840
2025-04-21 14:02:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12662
...
org.apache.flex.blazeds:flex-messaging-opt (>=4.7.1 <=4.7.2), org.apache.flex.blazeds:flex-messaging-opt-tomcat4 (>=4.7.1 <=4.7.2) +4 more potentially affected by CVE-2017-5641 via org.apache.flex.blazeds:flex-messaging-core (>=4.7.1 <=4.7.2)
org.apache.flex.blazeds:flex-messaging-core MAVEN version =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.7.2 Source cves: CVE-2017-5641 Source advisory: OSV:GHSA-W8V7-PRHW-XJPW...
CVE-2021-0126
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2022-26923 Active Directory Domain Services Elevation of Privilege Vulnerability
...
SUSE: Security Advisory (SUSE-SU-2022:1431-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CustomHistory:CustomHistory (>=1.1 <=1.3), com.amazonaws:aws-codepipeline (>=0.9 <=0.45) +158 more potentially affected by CVE-2012-4439 via org.jenkins-ci.main:jenkins-core (>=1.467 <=1.481)
org.jenkins-ci.main:jenkins-core MAVEN version =1.467, =1.1, =0.9, =0.3, =0.10, =1.0.3, =1.3.3, =1.99.0, =2.11.0, =1.8.5, =1.15, =1.6.0, =1.13.1 and more Source cves: CVE-2012-4439 Source advisory: SNYK:JAVA-ORGJENKINSCIMAIN-9402852...
cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.herodotus.engine:assistant-sdk-jackson (>=2.7.0.Beta1 <=2.7.0.Beta2) +523 more potentially affected by CVE-2022-29577 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.6.6.1)
org.owasp.antisamy:antisamy MAVEN version =1.4.3, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta4 - cn.herodotus.engine:oauth2-sdk-authorization-ui =2.7.0.Beta3 and...
be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +203 more potentially affected by CVE-2011-3923 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.1.1)
org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =0.5.9, =1.2.0, =1.0.0, =2.0, =1.0.3, =1.2.2, =1.4.0 and more Source cves: CVE-2011-3923 Source advisory: OSV:GHSA-J68F-8H6P-9H5Q...