
377 matches found

Vulnrichment
added 2025/03/04 7:13 a.m. · 7 views

CVE-2025-27521

Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.8 · AI score 6.6 · EPSS 0.00041
Exploits: 1 · References: 1
CNNVD
added 2025/03/04 12:00 a.m. · 2 views

Huawei HarmonyOS security vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS process management module, which can be exploited by an attacker to compromise...

CVSS 6.8 · AI score 6.7 · EPSS 0.00041
Exploits: 1 · References: 3
BDU FSTEC
added 2025/02/10 12:00 a.m. · 2 views

The vulnerabilities of the ReSharper plugin of the Microsoft Visual Studio software, the cross-platform integrated development environment from JetBrains called Rider, the performance profiler dotTrace, and the ETW Host Service at the kernel and application level, related to improper process management, allow attackers to gain elevated privileges.

The vulnerabilities of the ReSharper plugin of the Microsoft Visual Studio software, the cross-platform integrated development environment from JetBrains called Rider, the performance profiler dotTrace, and the kernel-level and application-level Event Tracking Service Host Service are related to...

CVSS 7.8 · AI score 5.5 · EPSS 0.00003
Exploits: 0 · References: 3 · Affected Software: 4
RedhatCVE
added 2025/02/05 6:24 a.m. · 3 views

CVE-2024-5683

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

CVSS 9.8 · AI score 5.8 · EPSS 0.00197
Exploits: 0 · References: 1
OSV
added 2025/01/13 6:15 p.m. · 1 view

CVE-2024-46479

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, leading to remote code execution...

CVSS 8.8 · AI score 6.1 · EPSS 0.05991
Exploits: 0 · References: 3
NVD
added 2025/01/06 11:15 a.m. · 11 views

CVE-2024-33061

Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process...

CVSS 6.8 · EPSS 0.001
Exploits: 0 · References: 1
Tenable Nessus
added 2024/11/05 12:00 a.m. · 14 views

Oracle Business Process Management Suite (October 2024 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by a vulnerability, as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Composer RequireJS. T...

CVSS 10 · AI score 7 · EPSS 0.00283
Exploits: 2 · References: 3
Tenable Nessus
added 2024/10/09 12:00 a.m. · 56 views

CentOS 7 : squid (RHSA-2024:1787)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1787 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

CVSS 8.6 · AI score 6.7 · EPSS 0.09621
Exploits: 0 · References: 7
BDU FSTEC
added 2024/10/03 12:00 a.m. · 1 view

The vulnerability of the MongoDB database management system, due to issues with process management, allows attackers to load arbitrary libraries and gain full control over the application.

The vulnerability of the MongoDB database management system exists due to a problem with process management. Exploiting this vulnerability allows an attacker to load arbitrary libraries and gain full control over the application by executing a specially created binary file...

CVSS 6.8 · AI score 7.7 · EPSS 0.00086
Exploits: 0 · References: 3 · Affected Software: 1
BDU FSTEC
added 2024/09/09 12:00 a.m. · 1 view

The vulnerability of the Process Management module of the OTRS order processing system allows a hacker to execute XSS attacks.

The vulnerability of the Process Management module of the OTRS request processing system is related to errors in filtering specific elements. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks remotely...

CVSS 6.8 · AI score 5.4 · EPSS 0.00106
Exploits: 0 · References: 2 · Affected Software: 1
NVD
added 2024/08/26 9:15 a.m. · 9 views

CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9 · EPSS 0.00106
Exploits: 0 · References: 1
OSV
added 2024/08/26 9:15 a.m. · 0 views

UBUNTU-CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9 · AI score 5.8 · EPSS 0.00106
Exploits: 0 · References: 3
UbuntuCve
added 2024/08/26 9:15 a.m. · 10 views

CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9 · AI score 5.9 · EPSS 0.00106
Exploits: 0 · References: 2
CVE
added 2024/08/26 8:42 a.m. · 38 views

CVE-2024-43443

CVE-2024-43443 is a cross-site scripting (XSS) vulnerability in OTRS/((OTRS)) Community Edition’s Process Management module caused by improper input neutralization by an admin. Affected versions include OTRS 7.0.X–7.0.50, 8.0.X, 2023.X, 2024.X–2024.5.X, and ((OTRS)) Community Edition 6.0.x. The i...

CVSS 4.9 · AI score 5 · EPSS 0.00106
Exploits: 0 · References: 1
Vulnrichment
added 2024/08/26 8:42 a.m. · 8 views

CVE-2024-43443 Stored XSS in process management

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9 · AI score 5.9 · EPSS 0.00106
Exploits: 0 · References: 1
Cvelist
added 2024/08/26 8:42 a.m. · 15 views

CVE-2024-43443 Stored XSS in process management

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

CVSS 4.9 · EPSS 0.00106
Exploits: 0 · References: 1
Positive Technologies
added 2024/08/26 12:00 a.m. · 2 views

PT-2024-5941 · Otrs Ag · Otrs +1

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.50; OTRS version 8.0.X; OTRS version 2023.X; OTRS versions 2024.X through 2024.5.X; OTRS Community Edition version 6.0.x. Description: The issue is related to improper neutralization of input, allowing an attacker...

CVSS 6.8 · AI score 6.1 · EPSS 0.00106
Exploits: 0 · References: 11
OSV
added 2024/06/27 10:48 a.m. · 4 views

USN-6857-1 squid3 vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2021-28651 It was discovered that Squid...

CVSS 8.6 · AI score 7.2 · EPSS 0.09621
Exploits: 1 · References: 7
Tenable Nessus
added 2024/06/27 12:00 a.m. · 46 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-6857-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6857-1 advisory. Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cau...

CVSS 8.6 · AI score 6.9 · EPSS 0.09621
Exploits: 1 · References: 7
ATTACKERKB
added 2024/06/24 9:15 a.m. · 3 views

CVE-2024-5683

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

CVSS 9.8 · AI score 5.8 · EPSS 0.00197
Exploits: 0 · References: 3 · Affected Software: 1