2424 matches found
PT-2021-23985 · Unknown · jQuery Terminal Emulator
Name of the Vulnerable Software and Affected Versions: jQuery Terminal Emulator versions prior to 2.31.1. Description: The issue is a low impact and limited cross-site scripting (XSS) vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
Malicious code in cxp-jquery (npm)
Source: checkmarx b0e4725a2db5433915386ce19dadd7812b0f44e9afcb7c48d855797cf7a78537. Malicious packages campaign since 2021 targeting developers, steals source code and secrets...
MAL-2021-1 Malicious code in cxp-jquery (npm)
Source: checkmarx b0e4725a2db5433915386ce19dadd7812b0f44e9afcb7c48d855797cf7a78537. Malicious packages campaign since 2021 targeting developers, steals source code and secrets...
CVE-2021-44030
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery...
Server side request forgery (ssrf)
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery...
CVE-2021-44030
CVE-2021-44030 affects Quest KACE Desktop Authority before 11.2. The issue is a Cross-Site Scripting (XSS) vulnerability where untrusted HTML can reach jQuery.htmlPrefilter, as described across multiple connected sources. Root cause: unvalidated HTML reaches the jQuery prefilter. Impact: XSS pote...
Quest KACE Desktop Authority Cross-Site Scripting Vulnerability
Quest KACE Desktop Authority is a desktop management software from Quest, Inc. A cross-site scripting vulnerability exists in Quest KACE Desktop Authority, which can be exploited by remote attackers to submit special requests that can cause untrusted HTML to reach jQuery's jQuery.htmlPrefilter...
Security Bulletin: Vulnerabilities in Jackson, jQuery, and Dom4j affect IBM Spectrum Copy Data Management
Summary: Vulnerabilities in Jackson, jQuery, and Dom4j, such as execution of arbitrary code, cross-site scripting, and obtaining sensitive information, may affect IBM Spectrum Copy Data Management. Vulnerability Details: CVEID: CVE-2020-24616. DESCRIPTION: FasterXML jackson-databind could allow a...
Security Bulletin: Multiple vulnerabilities in jQuery-UI affect IBM Tivoli Netcool Impact (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)
Summary: The jQuery-UI library is shipped as a component of Tivoli Netcool/Impact. Information about security vulnerabilities affecting jQuery-UI has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2021-41184. DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site...
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-51c256bf87)
The remote host is missing an update for the... Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-013ab302be)
The remote host is missing an update for the...
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-ab38307fc3)
The remote host is missing an update for the...
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities
Summary: Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 Fix Pack 4 and IBM Cognos Analytics 11.2.1. Vulnerability Details: CVEID: CVE-2015-2156. DESCRIPTION: Netty could allow a remote attacker to bypass restrictions, caused by the improper validation of characters in a...
[SECURITY] Fedora 33 Update: js-jquery-ui-1.13.0-1.fc33
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...
[SECURITY] Fedora 34 Update: js-jquery-ui-1.13.0-1.fc34
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...
[SECURITY] Fedora 35 Update: js-jquery-ui-1.13.0-1.fc35
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...
Oracle Linux 8 : pcs (ELSA-2021-9552)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9552 advisory. 0.10.10-4.0.1 - Replace HAM-logo.png with a generic one 0.10.10-4 - Fixed unfencing in - Resolves: rhbzbz1991654 0.10.10-3 - Added add/remove syntax fo...
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2021-1846)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1846 advisory. bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set...