249 matches found
QNAP QTS Video Station Multiple Vulnerabilities (QSA-24-24)
QNAP Video Station is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:qnap:videostation"; if...
CVE-2024-40985
In the Linux kernel, the following vulnerability has been resolved: net/tcpao: Don't leak aoinfo on error-path It seems I introduced it together with TCPAOCMDFAOREQUIRED, on version 5 1 of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov...
MongoDB Missing Authorization Check Vulnerability (SERVER-79327) - Windows
MongoDB is prone to a missing authorization check vulnerability in refine collection shard key. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Tessi Docubase Document Management Security Vulnerability
Tessi Docubase Document Management is a document management and process automation software from Tessi. A security vulnerability exists in Tessi Docubase Document Management version 5.x. A remote attacker could exploit the vulnerability to execute arbitrary code via the page parameter...
Tessi Docubase Document Management Security Vulnerability
Tessi Docubase Document Management is a document management and process automation software from Tessi. A security vulnerability exists in Tessi Docubase Document Management version 5.x. A remote attacker could exploit the vulnerability to execute arbitrary code via the filename parameter...
PT-2024-37440 · Unknown · Ez-Suite Ez-Partner
Name of the Vulnerable Software and Affected Versions: EZ-Suite EZ-Partner version 5 Description: A vulnerability has been found in the Forgot Password Handler component, leading to basic cross site scripting. The manipulation can be launched remotely. The vendor was contacted about this disclosu...
CVE-2022-25037
An issue in wanEditor v4.7.11 and fixed in v.4.7.12 and v.5 was discovered to contain a cross-site scripting XSS vulnerability via the image upload function...
Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag
Impact Template authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap. Patches Please upgrade to the most recent version of Smarty v4 or v5. There is no patch for v3...
MongoDB Improper Validation Vulnerability (SERVER-85263) - Linux
MongoDB is prone to an improper validation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
GHSA-2XP3-57P7-QF4V xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing
Summary Default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/sec-CoreValidation. As such, without additional validation steps, the default configuration allows a...
CVE-2023-6318
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger...
CVE-2023-6319 Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to...
CVE-2023-6318
LG webOS versions 5 through 7 are affected by a command injection in the processAnalyticsReport method of the com.webos.service.cloudupload service, enabling root-level code execution via specially crafted authenticated requests. Affected versions listed include webOS 5.5.0 – 04.50.51, 6.3.3-442,...
Silverstripe Framework Security Vulnerability
silverstripe framework is a set of CMS website frameworks. A security vulnerability exists in Silverstripe Framework versions 4.x prior to 4.13.39 and 5.x prior to 5.1.11, which stems from a user being able to access record headers that they are not authorized to view...
Zope XSS Vulnerability (GHSA-wm8q-9975-xh5v)
Zope is prone to a cross-site scripting XSS vulnerability with SVG images. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Zope XSS Vulnerability (GHSA-m755-gxxg-r5qh)
Zope is prone to a cross-site scripting XSS vulnerability via the title property in the Zope management interface. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Zope Information Disclosure Vulnerability (GHSA-8xv7-89vj-q48c)
Zope is prone to an information disclosure vulnerability through Python SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zope:zope...
SilverStripe CMS Cross-site Scripting vulnerabilities inherited from TinyMCE
TinyMCE 4.x is vulnerable to several XSS vectors, which had been patched in later versions. Two of these have been identified as affecting silverstripe/admin. Only Silverstripe CMS 4 is affected by these vulnerabilities. It's not possible to upgrade Silverstripe CMS 4 to use a more recent release...
CVE-2023-40351
A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...
Apache RocketMQ may have remote code execution vulnerability when using update configuration function
For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by...