13 matches found
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...
CVE-2026-33519
The CVE-2026-33519 entry concerns Esri Portal for ArcGIS versions 11.4–12.0. A flaw in authorization checks allows improper permission validation for developer credentials, enabling misuse of permissions and the potential generation of Portal Administrator tokens by low-privilege users. The issue...
CVE-2026-33519
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials...
Linux Distros Unpatched Vulnerability : CVE-2023-0042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab...
WordPress plugin Greenshift–animation and page builder blocks 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
IBM Security Guardium 安全漏洞
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management, and streamlined audit process building. A security vulnerability exists in IBM Security Guardium...
CVE-2024-51465 IBM App Connect Enterprise Certified Container command execution
IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request...
CVE-2023-47710
IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 27152...
PT-2024-4810 · Ibm · Ibm Security Guardium
Name of the Vulnerable Software and Affected Versions: IBM Security Guardium versions 11.4 through 12.0 Description: The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to exploit it and potentially disclose credentials within a trusted session...
CVE-2023-22275
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interactio...
Security Bulletin: IBM Security Guardium is affected by a number of security vulnerabilities in Netty, which is used by Guardium (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137)
Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-21290 DESCRIPTION: Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sending a specially-crafted request, a...
postgresql: Stack-based buffer overflow via setting a password
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the...
Design/Logic Flaw
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...