14 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-2007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over th...
CVE-2024-32873
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. The spendable balance is not updated properly when delegating vested tokens. The issue allows a clawback vesting account to anticipate the release of unvested tokens. This vulnerability is fixed in 18.0.0...
BIT-DOLIBARR-2024-23817 Dolibarr Application Home Page HTML injection vulnerability
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has an HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendere...
CVE-2022-1711
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5...
UBUNTU-CVE-2023-4197
Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code...
PT-2023-1111 · Adobe · Indesign
Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions 18.0 and earlier; Adobe InDesign versions 17.4 and earlier. Description: The issue is related to insufficient input validation in Adobe InDesign, which could allow an attacker to execute arbitrary code. Exploitation of...
Parallels Remote Application Server Security Vulnerability
Parallels Remote Application Server (RAS) is an application delivery and VDI (Virtual Desktop Infrastructure) solution from Parallels, Inc. in the United States. A security vulnerability exists in Parallels Remote Application Server version v18.0 that stems from the vulnerability of the web client to...
CVE-2020-14731
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Supported versions that are affected are 18.0 and 19.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2020-14709
Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Card). Supported versions that are affected are 16.0, 17.0 and 18.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
SUSE-SU-2020:0104-1 Security update for nodejs10
This update for nodejs10 to version 10.18.0 fixes the following issues: Security issues fixed: - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field bsc1159352. - Added support for chacha20-poly1305 for Authenticated...
CVE-2019-10854
Computrols CBAS 18.0.0 allows Authenticated Command Injection...
CVE-2019-10853
Computrols CBAS 18.0.0 allows Authentication Bypass...
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
Microsoft SQL Server Management Studio Information Disclosure Vulnerability
Microsoft SQL Server Management Studio is an integrated environment for managing multiple SQL infrastructures from Microsoft. The product is mainly used for setting up, monitoring and managing SQL programs. An information disclosure vulnerability exists in Microsoft SQL Server Management Studio...