6 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-23519
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain...
PT-2024-30846 · Geek Code · Geek Code Lab Login As Users
Name of the Vulnerable Software and Affected Versions: Geek Code Lab Login As Users versions 1.4.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to unauthorized...
SUSE CVE-2022-23519
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's...
SUSE CVE-2022-23520
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds which can lead to remote code execution. This issue derives from the way JavaScript engines render when handling objects in...
PT-2021-19865 · Unknown · Pterodactyl Wings
Name of the Vulnerable Software and Affected Versions: Pterodactyl Wings versions prior to 1.4.4 Description: The issue concerns system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended, causing downstream impacts...