
377 matches found

ATTACKERKB
added 2024/06/24 9:15 a.m., 3 views

CVE-2024-5683

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

9.8 CVSS, 5.8 AI score, 0.00507 EPSS
Exploits: 0, References: 3, Affected Software: 1

ATTACKERKB
added 2024/06/24 9:15 a.m., 2 views

CVE-2024-4754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Stored XSS. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

5.4 CVSS, 5.8 AI score, 0.0024 EPSS
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2024/06/24 9:15 a.m., 27 views

CVE-2024-5683

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

9.8 CVSS, 0.00507 EPSS
Exploits: 0, References: 2

CVE
added 2024/06/24 9:1 a.m., 41 views

CVE-2024-4754

CVE-2024-4754 describes a stored cross-site scripting vulnerability in Next4Biz CRM & BPM Software (Business Process Management). The issue arises from improper neutralization of input during web page generation, affecting BPM versions 6.6.4.4 and earlier, with a fix in 6.6.4.5. The CVE entry con...

5.4 CVSS, 5.8 AI score, 0.0024 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/06/24 9:1 a.m., 11 views

CVE-2024-4754 Stored XSS in Next4Biz's BPM

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Stored XSS. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

5.4 CVSS, 5.8 AI score, 0.0024 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/06/24 8:54 a.m., 12 views

CVE-2024-5683 Remote Code Execution in Next4Biz's BPM

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

9.8 CVSS, 5.8 AI score, 0.00507 EPSS
Exploits: 0, References: 2

Cvelist
added 2024/06/24 8:54 a.m., 27 views

CVE-2024-5683 Remote Code Execution in Next4Biz's BPM

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

9.8 CVSS, 0.00507 EPSS
Exploits: 0, References: 2

CVE
added 2024/06/24 8:54 a.m., 48 views

CVE-2024-5683

CVE-2024-5683 is an improper control of generation of code vulnerability in Next4Biz BPM software. Multiple connected records confirm the issue affects Next4Biz BPM/CRM with vulnerable versions: 6.6.4.4 prior to 6.6.4.5, indicating a flaw in code generation controls that can lead to remote code e...

9.8 CVSS, 5.8 AI score, 0.00507 EPSS
Exploits: 0, References: 2

BDU FSTEC
added 2024/05/24 12:0 a.m., 5 views

The vulnerability of the distributed Git version control system, which stems from issues with process management, allows a violator to execute arbitrary code.

The vulnerability of the distributed Git version control system exists due to a problem with process management. Exploiting this vulnerability allows an attacker to execute arbitrary code during the cloning of specially created local repositories...

8.1 CVSS, 7.7 AI score, 0.01271 EPSS
Exploits: 0, References: 15, Affected Software: 14

RedHat Linux
added 2024/05/22 9:48 a.m., 22 views

Important: Red Hat Security Advisory: pmix security update

An update for pmix is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.1 CVSS, 7.3 AI score, 0.01121 EPSS
Exploits: 0, References: 3

OSV
added 2024/05/22 12:0 a.m., 21 views

ALSA-2024:3008 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

8.1 CVSS, 8 AI score, 0.01121 EPSS
Exploits: 0, References: 4

CNNVD
added 2024/05/15 12:0 a.m., 4 views

Bonitasoft Security Vulnerability

Bonitasoft is an open source BPM software from Bonitasoft. Bonitasoft has a security vulnerability that stems from a lack of dynamic permissions, which leads to an IDOR vulnerability...

6.5 CVSS, 6.4 AI score, 0.00318 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2024/04/30 9:53 a.m., 30 views

Important: Red Hat Security Advisory: pmix security update

An update for pmix is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.1 CVSS, 7.3 AI score, 0.01121 EPSS
Exploits: 0, References: 3

OSV
added 2024/04/30 12:0 a.m., 21 views

ALSA-2024:2199 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

8.1 CVSS, 8.1 AI score, 0.01121 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2024/04/11 5:0 p.m., 2 views

squid: Incorrect Check of Function Return Value In Helper Process management

A flaw was found in Squid due to an incorrect check of the return value in the helper process management. This issue may allow attackers to perform remote denial of service...

8.6 CVSS, 5.8 AI score, 0.10352 EPSS
Exploits: 0, References: 4

BDU FSTEC
added 2024/04/03 12:0 a.m., 2 views

The vulnerability of the PMIx process management interface, related to synchronization errors when using a common resource, allows a perpetrator to gain access to confidential data.

The vulnerability of the PMIx process management interface is related to the execution of code from the library with UID 0. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

8.1 CVSS, 7.8 AI score, 0.01121 EPSS
Exploits: 0, References: 7, Affected Software: 4

Packet Storm
added 2024/04/01 12:0 a.m., 420 views

ARIS: Business Process Management 10.0.21.0 Cross Site Scripting

Exploit Title: Stored Cross-Site Scripting XSS in ARIS: Business Process Management Edition Version 10.0.21.0 Exploit Author: Seid Yassin Date: 2024-03-28 Vendor: Software AG Software Link: https://aris.com/ Version: ARIS: Business Process Management Description: Discovered a file upload feature...

7.4 AI score
Exploits: 0

OSV
added 2024/03/31 3:27 a.m., 6 views

MGASA-2024-0102 Updated squid packages fix security vulnerabilities

Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...

8.6 CVSS, 7 AI score, 0.88864 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2024/03/05 6:4 p.m., 4 views

squid: Incorrect Check of Function Return Value In Helper Process management

A flaw was found in Squid due to an incorrect check of the return value in the helper process management. This issue may allow attackers to perform remote denial of service...

8.6 CVSS, 5.8 AI score, 0.10352 EPSS
Exploits: 0, References: 4

OpenVAS
added 2024/03/04 12:0 a.m., 29 views

openSUSE: Security Advisory for squid (SUSE-SU-2023:4698-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6 CVSS, 8.3 AI score, 0.88818 EPSS
Exploits: 0, References: 2