org.bouncycastle:bcmail-debug-jdk14 (>=1.81 <=1.83) potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-debug-jdk14 (>=1.81 <=1.83)

org.bouncycastle:bcpkix-debug-jdk14 MAVEN version =1.81, =1.81, =1.83 Source cves: CVE-2026-5588 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075255...

UBUNTU-CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

WordPress iCalendrier Plugin <= 1.80 is vulnerable to Cross Site Scripting (XSS)

Software iCalendrier Type Plugin Vulnerable versions = 1.80 Fixed in 1.81 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29912 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 149ae9093141 Credits LVT-tholv2k Required privilege Contributor...

Jenkins Generic Webhook Trigger Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in Jenkins Generic Webhook Trigger Plugin 1.81 and earlier versions, which...

PT-2022-17125 · Jenkins · Jenkins Generic Webhook Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Generic Webhook Trigger Plugin versions 1.81 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. This occurs because the build cause is not properly escaped when using the webhook. Attacke...

HPE IlO Amplifier Pack 路径遍历漏洞

HPE IlO Amplifier Pack is a database management software for use in clustered environments from HPE, USA. The software supports Gen8, Gen9 and Gen10 Hewlett Packard Enterprise with automatic firmware and driver updates, manual or automatic recovery of firmware-corrupted systems, and maximizes...

UBUNTU-CVE-2020-24916

CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection...

CVE-2019-6584

A vulnerability has been identified in SIEMENS LOGO!8 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx, SIEMENS LOGO!8 6ED1052-xyy08-0BA0 FS:01 / Firmware version V1.82.02. The integrated webserver does not invalidate the Session ID upon user logout. An attacker that...

PT-2018-10598 · Windscribe +1 · Windscribe +1

Name of the Vulnerable Software and Affected Versions: Windscribe version 1.81 Description: The issue concerns the VPN component in Windscribe, which uses the OpenVPN client and creates a system process named WindScribeService.exe. This process establishes a named pipe endpoint,...

WindScribe Denial of Service Vulnerability

WindScribe is a suite of VPN software for anonymously connecting to the Internet. A security vulnerability exists in WindScribe version 1.81. An attacker can exploit this vulnerability with the help of \pipe\WindscribeService URL to gain access or cause a denial of service. \pipe\WindscribeServic...

CPUID CPU-Z Information Disclosure Vulnerability

CPUID CPU-Z is a free software package for collecting information about system devices. A security vulnerability exists in CPUID CPU-Z version 1.81 and earlier, which stems from the program assigning incorrect access rights to the kernel mode driver. An attacker could exploit the vulnerability to...