9 matches found
PT-2024-28780
Name of the Vulnerable Software and Affected Versions GraphQL Java versions prior to 21.5 GraphQL Java version 20.9 GraphQL Java version 19.11 Description The issue is related to the improper consideration of ExecutableNormalizedFields ENFs in preventing denial of service via introspection querie...
CVE-2023-28062
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions...
GoCD 安全漏洞
GoCD is a continuous delivery server. A security vulnerability exists in GoCD versions 19.2.0 through 19.11.0 that originates from allowing an authenticated agent to impersonate another agent, resulting in an access control outage and incorrect authentication of agent tokens in the GoCD server to...
PT-2022-24889 · Gocd · Gocd
Name of the Vulnerable Software and Affected Versions: GoCD versions 19.2.0 through 19.10.0 Description: The issue concerns a timing attack in the validation of access tokens due to the use of regular string comparison instead of a constant time algorithm. This could allow a brute force attack on...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.19.11 and earlier, which originates from an attacker capable of injecting WLAN frames can cause a buffer overflow in t...
CVE-2022-32481
Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover...
PT-2021-19832 · Nextcloud +1 · Nextcloud Server +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11 Nextcloud Server versions prior to 20.0.10 Nextcloud Server versions prior to 21.0.2 Description: The issue allows an attacker to gain write/read privileges on any Federated File Share. This can also...
PT-2021-19833 · Nextcloud +1 · Nextcloud Server +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.11 Nextcloud Server versions prior to 20.0.10 Nextcloud Server versions prior to 21.0.2 Description: The issue arises when an attacker converts a Files Drop link to a federated share, causing problems o...
VMware InstallBuilder Resource Management Error Vulnerability
VMware InstallBuilder is a multi-platform installer development and automatic update tool from VMware. A security vulnerability exists in VMware InstallBuilder versions prior to 19.11. An attacker could exploit this vulnerability to cause a denial of service...