61 matches found
UBUNTU-CVE-2024-5741
Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 EOL...
Apollo Authorization Issues Vulnerabilities
Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload course assignments. An authorization issue vulnerability exists in Apollo versions 2.0.0 and 2.0.1, which stems from the inclusion of unknown functions in...
CVE-2022-31200
creationtimestamp | type | source
---|---|---
2023-07-27 22:28:45+00:00 | seen | https://t.me/cibsecurity/67342...
Jenkins Plugin SAML Single Sign On (SSO) Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-28727
Panasonic AiSEG2 versions 2.00J through 2.93A allow adjacent attackers to bypass authentication due to mishandling of X-Forwarded-For headers...
SUSE CVE-2021-44569
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
UBUNTU-CVE-2022-43440
Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...
CVE-2014-0144
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privilege...
GHSA-QMHJ-M29V-GVMR Bots using py-cord as Discord API wrapper are vulnerable to shutdowns through remote code execution
Impact: py-cord is an API wrapper for Discord written in Python. Bots using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
Security Vulnerability in OpenSearch Security
OpenSearch Security is an OpenSearch plugin for providing encryption, authentication and authorization. A security vulnerability exists in OpenSearch Security versions 2.0.0.0 and 2.1.0.0. An attacker has exploited the vulnerability to disclose sensitive information...
CVE-2021-29837
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204913...
The vulnerability of Juniper Networks Junos OS routers of the MX, EX9200, and SRX4600 series lies in deficiencies in handling exceptional states, which allows an attacker to trigger a service failure.
The vulnerability of Juniper Networks Junos OS routers of the MX, EX9200, and SRX4600 series is related to deficiencies in handling exceptional states during packet processing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
DEBIAN-CVE-2021-33192
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 inclusive...
Command Execution Vulnerability in JYmusic v2.0.0
JYmusic is an open source cross-platform music management system. JYmusic v2.0.0 suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the web server...
CVE-2017-10103
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HT...
Unspecified Vulnerability in IBM IMS Enterprise Suite Data Provider for Microsoft .NET
IBM IMS Enterprise Suite Data Provider for Microsoft .NET is a solution from IBM USA that lets Microsoft .NET based applications access and manipulate IMS data. The solution supports access to IMS data from .NET applications using standard SQL queries and handling of IMS connected links an...
CVE-2016-3468
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install...
Cisco Virtual Topology System Denial of Service Vulnerability
Cisco Virtual Topology System (VTS) is a standards-based, open system from Cisco (United States) for automated configuration management and provisioning of data center network structure across virtual and physical infrastructure. A security vulnerability exists in Cisco VTS versions 2.00 and...
Red Hat Enterprise Application Platform Cross-Site Request Forgery Vulnerability
Red Hat Enterprise Application Platform is an open source, J2EE-based middleware platform from Red Hat, Inc. (United States), mainly used to build, deploy and host Java applications and services. A cross-site request forgery vulnerability exists in Red Hat Enterprise...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the libgmodule-20-0-64bit package of the SUSE Linux Enterprise operating system can lead to violations of confidentiality, integrity, and availability of protected information. Exploitation of this vulnerability can be carried out locally...