109 matches found
EUVD-2019-8892
Malware in sbrugna...
EUVD-2019-8891
Malware in sbrugna...
EUVD-2018-10242
Malware in sbrugna...
EUVD-2023-41044
Malicious code in bioql PyPI...
CVE-2025-2533
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...
CVE-2023-47650
Cross-Site Request Forgery CSRF vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1...
GitLab 12.1 < 13.5.6 / 13.6 < 13.6.4 / 13.7 < 13.7.2 (CVE-2021-22167)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository...
BIT-GITLAB-2023-0483
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible for a project maintainer to extract a Datadog integration API key by modifying the site...
CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities
The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...
NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX584986l)
The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 12.1, 12.1-FIPS before 12.1-55.302-FIPS, 13.0 before 13.0-92.21, 13.1 before 13.1-51.15, 13.1-FIPS before 13.1-37.176-FIPS, or 14.1 before 14.1-12.35. It is, therefore, affected by multiple...
How to Configure Advanced Syslog Integration Options
Purpose This article documents advanced configuration options for syslog integration with Veeam Backup & Replication, a new feature starting in version 12.1. Solution The following advanced configuration options are available: Add BOM Before MSG Field Add the Unicode byte order mask BOM before th...
CVE-2023-47650
Cross-Site Request Forgery CSRF vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1...
CVE-2023-4710 TOTVS RM Portal cross site scripting
A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned t...
CVE-2023-4709 TOTVS RM Portal Login.aspx cross site scripting
A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The complexity of an...
PT-2023-30298 · Totvs · Totvs Rm
Name of the Vulnerable Software and Affected Versions: TOTVS RM version 12.1 Description: A problematic vulnerability has been found in the Portal component of TOTVS RM, specifically in the Login.aspx file. The issue arises from the manipulation of the VIEWSTATE argument, leading to cross-site...
TOTVS Code Injection Vulnerability
TOTVS is a complete human resource management solution from TOTVS Brazil. A code injection vulnerability exists in TOTVS version 12.1, which stems from the fact that incorrect manipulation of the VIEWSTATE parameter can lead to cross-site scripting...
PT-2023-25790 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SEACMS version 12.1 Description: A stored cross-site scripting XSS issue in the Site Setup module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For SEACMS version 12.1, update the Site Setup...
CVE-2023-27489 Stored cross site scripting via SVG file upload in Kiwi TCMS
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS accepts SVG files uploaded by users which could potentially contain JavaScript code. If SVG images are viewed directly, i.e. not rendered in an HTML page, this JavaScript code could execute. This...
GitLab 12.1 < 15.3.5, 15.4 < 15.4.4, 15.5 < 15.5.2 Information Exposure Vulnerability
GitLab is prone to an information exposure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...
CVE-2022-3483
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog integration's access token by modifying the...