168 matches found
Splunk 安全漏洞
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab versions 10.0 through 16.1.5 or...
VulnCheck KEV: CVE-2021-24918
The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...
PT-2022-9615 · WordPress · Download Plugin
Name of the Vulnerable Software and Affected Versions: The Download Plugin WordPress plugin versions prior to 2.0.0 Description: The issue arises from improper validation of user privileges to access a backup's nonce identifier. This may allow any users with an account on the site, such as...
OpenHarmony 安全漏洞
OpenHarmony is an open source project of the OpenAtom Foundation in China for a kind of Hongmeng operating system. A security vulnerability exists in OpenHarmony v3.1.2 and earlier versions, which stems from a lack of proper privilege validation in the parameter service of its boot subsystem that...
GitLab 信息泄露漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. An information disclosure vulnerability exists in GitLab versions 12.4 through...
JFrog Artifactory 安全漏洞
Jfrog JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's Jfrog that supports clustering and high-availability Docker registries, and provides an end-to-end solution for tracking artifact automation from development to production. A security vulnerabilit...
Qualcomm 权限许可和访问控制问题漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A vulnerability in privilege permission and access...
JFrog Artifactory Access Control Error Vulnerability
JFrog Artifactory is an open source general-purpose Artifact repository manager from Israel-based JFrog Jfrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production.JFrog Artifactory is...
JFrog Artifactory 安全漏洞
JFrog Artifactory is an open source general-purpose Artifact repository manager from Israel-based JFrog Jfrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production.JFrog Artifactory is...
CVE-2022-0633
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...
CVE-2022-0633
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...
Design/Logic Flaw
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download the most recent site & database...
Cisco Unified Contact Center Management Portal和Cisco Unified Contact Center Domain Manager 安全漏洞
Cisco Unified Contact Center Management Portal and Cisco Unified Contact Center Domain Manager are both products of Cisco Corporation. Management Portal is an intuitive and secure Web-based application that allows supervisors and managers to meet the complex and changing demands of the contact...
CVE-2021-24918
The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...
CVE-2021-24918
The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages...
CVE-2021-23193
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...
CVE-2021-23193
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...
Input validation
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...
CVE-2021-23193
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...