Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.6 views

PT-2023-18404 · Tribe29 · Tribe29 Checkmk Appliance

Name of the Vulnerable Software and Affected Versions: Tribe29 Checkmk Appliance versions prior to 1.6.4 Description: The issue allows authenticated site users to escalate privileges due to incorrectly set permissions. Recommendations: For versions prior to 1.6.4, update to version 1.6.4 or later...

8.8CVSS8.7AI score0.00678EPSS
Exploits0References6
Snyk
Snyk
added 2022/02/15 11:56 p.m.6 views

Allocation of File Descriptors or Handles Without Limits or Throttling

Overview std/mime/multipart is a Go standard library package std/mime/multipart Affected versions of this package are vulnerable to Allocation of File Descriptors or Handles Without Limits or Throttling. Go Vulnerability Report: When parsing large multipart/form-data, an attacker can cause a HTTP...

8.7CVSS6.8AI score0.02078EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/07/19 12:0 a.m.5 views

PT-2021-3745 · Owasp +1 · Owasp Antisamy +1

Name of the Vulnerable Software and Affected Versions: OWASP AntiSamy versions prior to 1.6.4 Description: The issue allows for cross-site scripting XSS attacks via HTML attributes when using the HTML output serializer. This was demonstrated by a javascript: URL, where the colon character was...

6.1CVSS7AI score0.01513EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.7 views

PT-2020-19748 · Gedi · Gedi

Name of the Vulnerable Software and Affected Versions: gedi versions prior to 1.6.4 Description: The issue concerns Prototype Pollution via the set function. This allows for potential manipulation of object properties, which can lead to various security issues. Recommendations: For versions prior...

9.8CVSS9.5AI score0.01916EPSS
Exploits1References3
Rows per page
Query Builder