14 matches found
GHSA-4JRW-64VR-7G8M Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
EUVD-2023-2021
Malicious code in bioql PyPI...
EUVD-2023-2034
Malicious code in bioql PyPI...
CVE-2023-34093
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34235
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
Design/Logic Flaw
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34093
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
SUSE SLED11 / SLES11 Security Update : mozilla-nspr (SUSE-SU-2015:1444-1)
mozilla-nspr was update to version 4.10.8 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...