Lucene search

2348 matches found

OSV
added 2024/02/09 9:15 a.m., 15 views

CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.4 CVSS, 6.9 AI score
Exploits: 0, References: 3

Prion
added 2024/02/09 9:15 a.m., 10 views

Input validation

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

4.9 CVSS, 7.4 AI score, 0.00659 EPSS
Exploits: 1, References: 1, Affected Software: 1

UbuntuCve
added 2024/02/09 9:15 a.m., 22 views

CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.5 CVSS, 6.1 AI score, 0.00659 EPSS
Exploits: 1, References: 2

OSV
added 2024/02/09 9:15 a.m., 0 views

UBUNTU-CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.5 CVSS, 5.8 AI score, 0.00659 EPSS
Exploits: 1, References: 3

Vulnrichment
added 2024/02/09 8:26 a.m., 6 views

CVE-2024-22119 Stored XSS in graph items select form

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.5 CVSS, 5.7 AI score, 0.00659 EPSS
Exploits: 1, References: 2

CVE
added 2024/02/09 8:26 a.m., 95 views

CVE-2024-22119

CVE-2024-22119 is a stored XSS in Zabbix frontend’s graph items select form caused by improper validation of the Graph page Name field in Items. Connected advisories confirm the issue affects multiple Linux distributions (Debian, SUSE/openSUSE, AstraLinux, etc.) and report fixes in various releas...

5.5 CVSS, 5.3 AI score, 0.00659 EPSS
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2024/02/09 8:26 a.m., 25 views

CVE-2024-22119 Stored XSS in graph items select form

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.5 CVSS, 5.7 AI score, 0.00659 EPSS
Exploits: 1, References: 2

Debian CVE
added 2024/02/09 8:26 a.m., 27 views

CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

5.5 CVSS, 7.2 AI score, 0.00659 EPSS
Exploits: 1

Wiz blog
added 2024/02/07 1:58 p.m., 19 views

Wiz AI-SPM extends support to Microsoft Azure OpenAI Service models

Secure Microsoft Azure AI Services, including Azure OpenAI, with Wiz AI-SPM providing full visibility into AI pipelines and risks on the Wiz Security Graph...

7.2 AI score
Exploits: 0

OSV
added 2024/02/02 1:15 p.m., 1 views

CVE-2024-0253

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data...

8.8 CVSS, 5.8 AI score, 0.05012 EPSS
Exploits: 0, References: 1

NVD
added 2024/02/02 1:15 p.m., 25 views

CVE-2024-0253

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data...

8.8 CVSS, 9 AI score, 0.05012 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2024/02/02 12:50 p.m., 18 views

CVE-2024-0253 SQL Injection

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data...

8.3 CVSS, 7.9 AI score, 0.05012 EPSS
Exploits: 0, References: 1

CVE
added 2024/02/02 12:50 p.m., 62 views

CVE-2024-0253

CVE-2024-0253 affects ManageEngine ADAudit Plus versions 7270 and below, due to an Authenticated SQL injection in the home Graph-Data component. The issue is addressed by upgrading to a version above 7270 (e.g., 7271+ as referenced by multiple sources). No exploit details are provided in the supp...

8.8 CVSS, 9.4 AI score, 0.05012 EPSS
Exploits: 0, References: 1, Affected Software: 1

Positive Technologies
added 2024/02/02 12:0 a.m., 3 views

PT-2024-15413 · Manageengine · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: ManageEngine ADAudit Plus versions 7270 and below Description: The issue is related to an Authenticated SQL injection in the home Graph-Data of ManageEngine ADAudit Plus. Recommendations: For ManageEngine ADAudit Plus versions 7270 and below,...

8.8 CVSS, 8.2 AI score, 0.05012 EPSS
Exploits: 0, References: 6

OSV
added 2024/01/31 3:20 p.m., 12 views

BIT-LIFERAY-2022-26597

Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...

6.1 CVSS, 6.1 AI score, 0.0066 EPSS
Exploits: 0, References: 1

CNNVD
added 2024/01/23 12:0 a.m., 5 views

Silverstripe CMS GraphQL Server Security Vulnerability

Silverstripe CMS GraphQL Server is a tool that makes SilverStripe data available as a GraphQL representation. A security vulnerability exists in Silverstripe CMS GraphQL Server versions 4.x prior to 4.3.7 and 5.x prior to 5.1.3, which stems from the ability to bypass privilege checks...

5.3 CVSS, 6.8 AI score, 0.00419 EPSS
Exploits: 0, References: 3

Kitploit
added 2024/01/18 11:30 a.m., 24 views

FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of BloodHound In A More Automated Fashion

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...

6.5 AI score
Exploits: 0, References: 12

NCSC
added 2024/01/18 12:0 a.m., 6 views

Vulnerabilities fixed in Oracle Database products

Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service (DoS); Remote code execution; User rights; Access to sensitive data; Access to system da...

9.8 CVSS, 8.2 AI score, 0.89804 EPSS
Exploits: 14

Tenable Nessus
added 2024/01/18 12:0 a.m., 279 views

Oracle Database Server (January 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easi...

9.8 CVSS, 7 AI score, 0.99999 EPSS
Exploits: 32, References: 19

Qualys Blog
added 2024/01/17 3:29 p.m., 90 views

Oracle Patch Update, January 2024 Security Update Review

Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, includin...

10 CVSS, 10 AI score, 0.99654 EPSS
Exploits: 69