28 matches found
CVE-2026-39530
Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...
CVE-2026-39530
CVE-2026-39530 involves the WordPress plugin SpeakOut! Email Petitions, affecting versions
MiracleLinux 7 : python-lxml-3.2.1-4.0.1.el7.AXS7 (AXSA:2024-8989:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8989:01 advisory. CVE-2021-43818: prevent certain crafted script content passing through in HTML Cleaner CVEs: CVE-2021-43818 lxml is a library for processing XML and HTML in...
EUVD-2018-7363
Malware in sbrugna...
EUVD-2023-43896
Malicious code in bioql PyPI...
EUVD-2024-2898
Malicious code in bioql PyPI...
CVE-2024-48913
Hono, a web framework, prior to version 4.6.5 is vulnerable to bypass of cross-site request forgery CSRF middleware by a request without Content-Type header. Although the CSRF middleware verifies the Content-Type Header, Hono always considers a request without a Content-Type header to be safe. Th...
CVE-2023-3218
Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Apache Tomcat (CVE-2022-42252).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Apache Tomcat caused by the failure to reject a request containing an invalid Content-Length header when configured to ignore invalid HTTP headers via setting rejectIllegalHeader to...
Race condition
Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Java
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Java . Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in VMware Tanzu Spring Framework
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of VMware Tanzu Spring Framework. IBM has addressed the. vulnerability. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By...
PYSEC-2021-852
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant...
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant...
Elastic Kibana < 4.6.5, 5.x < 5.5.2 XSS Vulnerability (ESA-2017-16) - Linux
Kibana is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...
SUSE-SU-2020:1273-1 Security update for grafana
This update for grafana to version 4.6.5 fixes the following issues: Security issues fixed: - CVE-2019-15043: Added authentication to a few rest endpoints jscSOC-10357, bsc1148383. - CVE-2018-19039: Fixed File Exfiltration vulnerability jscSOC-9976 bsc1115960. - CVE-2018-15727: Fixed an LDAP and...
Grafana 4.1.0 < 4.6.5, 5.0 < 5.3.3 Information Disclosure Vulnerability
Grafana is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
Grafana Information Disclosure Vulnerability
Grafana is a set of open source monitoring tools that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus and so on. An information disclosure vulnerability exists in Grafana versions prior to 4.6.5 and 5.x versions prior to 5.3....
Elastic Kibana 'CVE-2017-11499' DoS Vulnerability - Linux
Elastic Kibana is shipping a version of Node.js which is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Elastic Kibana 'CVE-2017-11499' DoS Vulnerability - Windows
Elastic Kibana is shipping a version of Node.js which is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...