24 matches found
EUVD-2022-29509
Malicious code in bioql PyPI...
CVE-2023-21949
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...
CVE-2024-5866
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to a path traversal vulnerability allowing listing of arbitrary directories outside the root directory of the web application. Versions 23.1-HF7 and on have the patch...
Delinea Centrify PAS Security Vulnerability
Delinea Centrify PAS is a privileged access management solution from Delinea USA. A path traversal vulnerability exists in Delinea Centrify PAS version v.21.3 that allows listing arbitrary directories outside of the application root...
Design/Logic Flaw
An Incomplete Cleanup vulnerability in the Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause a memory leak. A manual...
CVE-2022-34832
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG. A security vulnerability exists in VERMEG Agile Reporter version 21.3 that originates from an attacker being able to gain privileges by injecting cross-site scripting (XSS) into an Add Comment operation in the Activity log...
VERMEG Agile Reporter Security Breach
VERMEG Agile Reporter is a hybrid of pre-packaged modules from VERMEG, Inc. A security vulnerability exists in VERMEG Agile Reporter version 21.3 that originates from an administrator being able to inject cross-site scripting (XSS) into the Analysis component...
PT-2023-13422 · Vermeg · Vermeg Agilereporter
Name of the Vulnerable Software and Affected Versions: VERMEG AgileReporter version 21.3 Description: An issue was discovered in the Analysis component, allowing an admin to enter an XSS payload. Recommendations: For VERMEG AgileReporter version 21.3, consider restricting access to the Analysis...
PT-2023-13423 · Vermeg · Vermeg Agilereporter
Name of the Vulnerable Software and Affected Versions: VERMEG AgileReporter version 21.3 Description: An issue was discovered in VERMEG AgileReporter where attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log. Recommendations: For VERMEG AgileReporter...
Oracle Database Server Security Vulnerability
Oracle Database Server is a relational database management system from Oracle Corporation of the United States. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the Oracle Database Sharding component of Oracle Database...
CVE-2023-21949
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...
Input validation
An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is malformed there is a...
Juniper Networks Junos OS and Junos OS Evolved Security Vulnerability
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc. Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos...
PT-2022-20638 · WordPress · Frontend File Manager Plugin
Name of the Vulnerable Software and Affected Versions: Frontend File Manager Plugin WordPress plugin versions prior to 21.3 Description: The issue allows any authenticated users to rename a file to an arbitrary extension, such as PHP, which could enable them to upload arbitrary files on the serve...
WordPress plugin Frontend File Manager Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...
CVE-2022-21508
Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks...
CVE-2022-21508
Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks...
Oracle Essbase Security Vulnerability
Oracle Essbase is an application from Oracle Corporation that enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. An information disclosure vulnerability exists in the Security and Provisioning component of...
CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF)...