5 matches found
Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the lack of exposure of the HMAC-SHA256 signing key in the SDK's typed API, which prevents verification of the X-AxonFlow-Signature header on incoming webhook deliveries. An attack...
PT-2026-36882
Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions prior to 7.0.0-rc3 Description The Script Runner widget allows users to execute Python and Ruby scripts directly from the 'openc3-COSMOS-script-runner-api' container. Since all Docker containers share a network, users ca...
Allocation of Resources Without Limits or Throttling
Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Allocation of Resources Without...
PT-2023-1582 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.0 Description: The issue is related to a Path Traversal vulnerability in the setup.php file of OpenEMR. This vulnerability allows remote unauthenticated users to read arbitrary files by controlling a connection t...
PT-2018-5273 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr versions prior to 7.0.0 Description: The issue is a Cross Site Scripting XSS vulnerability in Product details, which can result in the execution of javascript code. Recommendations: For versions prior to 7.0.0, update to version 7.0....