13 matches found
EUVD-2016-8700
Malware in sbrugna...
EUVD-2023-39788
Malicious code in bioql PyPI...
Security Bulletin: Due to the use of Eclipse Jetty, IBM App Connect Professional is vulnerable to bypass security restrictions
Summary Eclipse Jetty is used within IBM App Connect Professional Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by improper validation on the authority segment of a URI in the HttpURI class. By sending a...
CVE-2024-54040 Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...
The vulnerability of the CONNECT v5 component of the Eclipse Mosquitto messaging broker allows a attacker to cause a service failure.
The vulnerability of the CONNECT v5 component of the Eclipse Mosquitto messaging broker is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability could allow a malicious actor to cause service failures...
NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The flaw, tracked as CVE-2023-43208 CVSS score: N/A, concerns a cas...
PT-2023-30110 · Unknown · Saphira Connect
Name of the Vulnerable Software and Affected Versions: Saphira Connect versions prior to 9 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
PT-2022-18957 · Bentley · Microstation Connect
Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.34 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicio...
Bentley Systems MicroStation 缓冲区错误漏洞
Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer error vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34. An attacker could exploit the vulnerability to execute code in the current process...
Bentley Systems MicroStation 缓冲区错误漏洞
Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer error vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34. An attacker could exploit the vulnerability to execute code in the current process...
CVE-2021-46647
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
IBM API Connect Weak Encryption Vulnerability
IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. A security vulnerability exists in IBM API Connect version 2018.4.1.7 that stems from the...
CVE-2017-11287
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure...