29 matches found
CVE-2023-46307
Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...
com.github.wmixvideo:nfe (>=3.1.40 <=4.0.41), com.github.zuinnote:hadoopoffice-flinkts_2.11 (=1.7.0) +239 more potentially affected by CVE-2023-44483 via org.apache.santuario:xmlsec (>=3.0.0 <=3.0.2)
org.apache.santuario:xmlsec MAVEN version =3.0.0, =3.1.40, =2022.5.1, =2022.5.1, =2022.5.1, =2022.5.1, =2022.5.1, =2.1.0, =2.0.0, =2.0.0, =2.0.0, =2.4.0 and more Source cves: CVE-2023-44483 Source advisory: OSV:GHSA-XFRJ-6VVC-3XM2...
CVE-2023-38679
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. Thi...
SUSE CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
Veritas NetBackup 安全漏洞
Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...
GHSA-43M6-WVC8-2M7J Mattermost Server's Session ID and Session Token are potentially compromised
An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled...
ALPINE-CVE-2019-8322
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur...
GHSA-QRMC-FJ45-QFC2 Prototype Pollution in extend
Versions of extend prior to 3.0.2 for 3.x and 2.0.2 for 2.x are vulnerable to Prototype Pollution. The extend function allows attackers to modify the prototype of Object causing the addition or modification of an existing property that will exist on all objects. Recommendation If you're using...
CVE-2017-2179
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182...