131 matches found
CVE-2023-2959
Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users.This issue affects Oliva Expertise EKS: before 1.2...
WordPress Plugin Swatchly 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress plugin Newsletter Popup 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
CVE-2022-40699 WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)
Cross-Site Scripting XSS vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin = 3.1.2 versions...
Stellarium 路径遍历漏洞
Stellarium is a free GPL software from Stellarium that uses OpenGL to render realistic skies in real time. A security vulnerability exists in Stellarium version 1.2 and earlier versions. An attacker can exploit this vulnerability to read arbitrary files on the server running the application...
SUSE CVE-2023-25563
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...
CVE-2023-23087
An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function...
Dropbox Lepton 安全漏洞
Dropbox Lepton is a set of tools for lossless compression of JPEG format files. A denial of service vulnerability exists in LEPTON Project Dropbox Lepton version 1.2, which can be exploited to launch a denial of service attack by passing a carefully crafted JPEG file to the Lepton image compressi...
PT-2022-27479 · Unknown · Ifeature Slider
Name of the Vulnerable Software and Affected Versions: iFeature Slider plugin version 1.2 and earlier Description: A Stored Cross-Site Scripting XSS issue exists, allowing contributors or higher to inject malicious scripts. Recommendations: For iFeature Slider plugin version 1.2 and earlier, upda...
CVE-2022-38061 WordPress Export Post Info plugin <= 1.2.0 - Authenticated CSV Injection vulnerability
Authenticated author+ CSV Injection vulnerability in Export Post Info plugin = 1.2.0 at WordPress...
CVE-2022-2443
The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions function found in the /freemind-wp-browser.php file. This makes it possible for unauthenticated attackers t...
CVE-2022-34793
Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Jenkins Plugin Recipe 安全漏洞
Jenkins and Jenkins Plugin are both open source products from Jenkins.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An authorization issue vulnerability...
Bento4 安全漏洞
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version 1.2, which stems from a containment segmentation violation at an unknown address in /Source/C++/Core/Ap4DataBuffer.cpp...
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
Platinum UPnP SDK 路径遍历漏洞
The Platinum UPnP SDK is a cross-platform C++ library that is primarily used to build DLNA/UPnP control points. The Platinum Upnp SDK suffers from a path traversal vulnerability that stems from Platinum Upnp SDK 1.2.0 having a directory traversal vulnerability. The attack can be exploited by...
PT-2021-5597
Name of the Vulnerable Software and Affected Versions Log4j version 1.2 Description The issue is related to the JMSAppender in Log4j 1.2, which is vulnerable to deserialization of untrusted data. An attacker with write access to the Log4j configuration can provide TopicBindingName and...
CVE-2021-34651
The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...
OPENSUSE-SU-2021:0522-1 Security update for fwupd
This update for fwupd fixes the following issues: - Update to version 1.2.14: bsc1182057 - Add SBAT section to EFI images bsc1182057 - CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 This update was imported from the SUSE:SLE-15-SP2:Update update proje...
Veritas Backup Exec 安全漏洞
Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...