29 matches found
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7278745)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by multiple vulnerabilities as referenced in the 7278745 advisory. - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of...
Linux Distros Unpatched Vulnerability : CVE-2021-41184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the .position util from untrusted...
Fedora 37 : drupal7 (2022-c4334d5277)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4334d5277 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Security Bulletin: Multiple vulnerabilities in jQuery affect IBM Tivoli Netcool Impact
Summary jQuery is shipped with IBM Tivoli Netcool Impact as part of its user interface. Information about security vulnerabilities affecting jQuery has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-41182 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site...
Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : jQuery UI vulnerability (USN-5181-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5181-1 advisory. It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this...
Ubuntu: Security Advisory (USN-6419-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory. Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary w...
Oracle Business Process Management Suite (Jul 2023 CPU)
The version of Oracle Business Process Management Suite installed on the remote host is affected by multiple vulnerabilities, as referenced in the July 2023 CPU advisory, including: - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component:...
Security Bulletin: IBM Aspera Shares is vulnerable to cross-site scripting due to JQuery-UI (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)
Summary This Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in IBM Aspera Shares 1.10.0 PL1. Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
SUSE CVE-2021-41184
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the .position util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the of option is now treated as a CSS...
Fedora 36 : drupal7 (2022-9d655503ea)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Tenable Nessus < 10.2.0 Multiple Vulnerabilities (TNS-2022-11)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Dell Wyse Management Suite < 3.7 Multiple Vulnerabilities (DSA-2022-143)
The version of Dell Wyse Management Suite installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the DSA-2022-143 advisory. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of t...
jQuery UI Cross-site Scripting (CVE-2021-41184)
A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
USN-5181-1: jQuery UI vulnerability
It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. CVE-2021-41184 It was discovered that jQuery U...
Security Bulletin: Multiple vulnerabilities in Jquery-Ui, highcharts, and datatables are affecting QRadar User Behavior Analytics (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-23445, CVE-2021-29489)
Summary There are vulnerabilities in third party packages JQuery-UI, Highcharts, datatables.net affecting User Behavior AnayticsUBA. UBA has been updated to the latest versions of these packages to address these vulnerabilities. Vulnerability Details CVEID:CVE-2021-41182 DESCRIPTION: jQuery...
Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)
The version of Nessus Network Monitor NNM installed on the remote host is prior to 6.0.1. It is, therefore, affected by multiple vulnerabilities in third-party software. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...
Oracle Primavera Unifier (Apr 2022 CPU)
The version of Primavera Unifier installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platform dojo. Supported versions that are affecte...
Security Bulletin: IBM Security QRadar SOAR is using a component vulnerable to Cross Site Scripting (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)
Summary IBM® Security QRadar SOAR formerly known as Resilient SOAR is using a component with known Cross Site Scripting vulnerabilities. QRadar SOAR uses jQuery-UI, which is vulnerable to several XSS issues as listed below. QRadar SOAR has released an update that addresses these issues...
Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities
Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Planning Analytics Workspace 2.0.73. This bulletin includes remediation for the Apache Log4j CVE-2021-44832 vulnerability. IBM Planning Analytics Workspace 2.0 has upgraded Apache Log4j to v2.17.1...