14 matches found
CVE-2025-10715 APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components
A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.apeedication. The manipulation results in improper export of android application components. The attack...
Linux Distros Unpatched Vulnerability : CVE-2020-13345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.8. Reflected XSS on Multiple Routes CVE-2020-13345 Note that Nessus relies on the...
Mattermost has Potential Server Crash due to Unvalidated Import Data
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature...
PT-2025-34258 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.8.x through 10.8.3; Mattermost versions 10.5.x through 10.5.8; Mattermost versions 10.10.x through 10.10.0; Mattermost versions 10.9.x through 10.9.3. Description: The application fails to sanitize file names, potentially...
Mattermost Security Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.8.3 and prior 10.8.x, 10.5.8 and prior 10.5.x, 9.11.17 and prior 9.11.x, and 10.9.2 and prior 10.9.x, which stems from an uncleaned path...
PT-2024-16701 · Nec · Univerge Ix +1
Name of the Vulnerable Software and Affected Versions: NEC Corporation UNIVERGE IX versions Ver9.2 through Ver10.10.21; NEC Corporation UNIVERGE IX versions Ver10.8 through Ver10.8.27; NEC Corporation UNIVERGE IX versions Ver10.9 through Ver10.9.14; NEC Corporation UNIVERGE IX-R/IX-V version Ver1.2....
PT-2024-15179 · Thales · Thales Safenet Authentication Client
Name of the Vulnerable Software and Affected Versions: Thales SafeNet Authentication Client versions prior to 10.8 R10 Description: A flaw in the software allows an attacker to execute code at a SYSTEM level via local access on Windows. Recommendations: For versions prior to 10.8 R10, update to...
WordPress plugin WP TripAdvisor Review Slider SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exists i...
CVE-2022-38203
Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeratio...
CVE-2022-29487
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...
PT-2022-9908 · Esri · Esri Arcreader
Name of the Vulnerable Software and Affected Versions: Esri ArcReader versions 10.8.1 and earlier Description: An out-of-bounds read issue exists when parsing a specially crafted file, allowing an unauthenticated attacker to induce an information disclosure issue in the context of the current use...
CVE-2021-29103
A reflected Cross Site Scripting (XSS) vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
PT-2020-13486 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 10.8 and later Description: An issue has been discovered in GitLab, specifically a reflected XSS on multiple routes. Recommendations: For GitLab versions 10.8 and later, update to a version that includes a fix for this issue...
CVE-2018-10653
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3...