Azure Linux 3.0 Security Update: puppet (CVE-2015-1029)

The version of puppet installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-1029 advisory. - The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlie...

PT-2024-9497 · Adobe · Substance3D - Sampler

Name of the Vulnerable Software and Affected Versions: Substance3D - Sampler versions 4.5.1 and earlier Description: The issue is related to a Heap-based Buffer Overflow vulnerability. Exploitation of this issue requires user interaction, where a victim must open a malicious file, potentially...

PT-2024-27294 · Popup Box · Popup Box

Name of the Vulnerable Software and Affected Versions: Popup box versions n/a through 4.5.1 Description: The issue is related to a Missing Authorization vulnerability in Popup Box Team Popup, which allows exploiting incorrectly configured access control security levels. Recommendations: For...

PT-2024-25198 · Unknown · Tvs Connet

Name of the Vulnerable Software and Affected Versions: TVS Connet versions 4.5.1 through 4.5.1 TVS Connet version 5.0.0 Description: An issue in TVS Connet allows a remote attacker to escalate privileges via the Emergency Contact Feature. This issue is disputed as discussed in the...

@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +329 more potentially affected by CVE-2023-45818 via tinymce (>=4.5.1 <=5.10.7)

tinymce NPM version =4.5.1, =0.1.2, =0.3.7, =0.1.17, =1.0.0, =1.0.0, =1.33.0, =1.0.0-alpha.39-baliz, =4.3.0, =0.5.0, =0.1.0, =0.0.4, =0.1.2, =0.8.4, =0.8.5 and more Source cves: CVE-2023-45818 Source advisory: OSV:GHSA-V65R-P3VV-JJFV...

@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +327 more potentially affected by CVE-2022-23494 via tinymce (>=4.5.1 <=5.10.5)

tinymce NPM version =4.5.1, =0.1.2, =0.3.7, =0.1.17, =1.0.0, =1.0.0, =1.33.0, =1.0.0-alpha.39-baliz, =4.3.0, =0.5.0, =0.1.0, =0.0.4, =0.1.2, =0.8.4, =0.8.5 and more Source cves: CVE-2022-23494 Source advisory: OSV:GHSA-GG8R-XJWQ-4W92...

3h1-ui (>=2.14.41 <=3.0.0-next.258), @abt-desk/apm (>=0.0.1 <=0.33.12) +1248 more potentially affected by CVE-2024-21911 via tinymce (>=4.5.1 <=5.5.1)

tinymce NPM version =4.5.1, =2.14.41, =0.0.1, =0.1.0, =0.1.2, =0.3.7, =0.1.7, =0.1.0, =0.0.1, =1.0.0, =0.2.0-0, =1.0.18-beta.8, =1.0.0, =1.2.3-beta.1, =0.1.1, =0.1.11 and more Source cves: CVE-2024-21911 Source advisory: OSV:GHSA-W7JX-J77M-WP65...

@angular-materials/ngx-admin (>=1.0.0 <=1.0.1), @ec.components/tinymce (>=0.5.7 <=0.6.0) +34 more potentially affected by CVE-2019-1010091 via tinymce (>=4.5.1 <=4.8.5)

tinymce NPM version =4.5.1, =1.0.0, =0.5.7, =0.1.1, =0.0.13, =1.3.0, =8.0.0, =0.8.8, =0.6.3, =1.2.0, =1.0.0-alpha.0, =1.1.0, =2.4.1, =4.0.0 and more Source cves: CVE-2019-1010091 Source advisory: OSV:GHSA-C78W-2GW7-GJV3...

CVE-2017-18095

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 the fixed version 4.5.x and before 4.6.0 allows remote attackers to comment on snippets they do not have authorization to access via an improper authorization vulnerability...

Bugzilla cross-site scripting vulnerability (CNVD-2016-03322)

Bugzilla is the United States Mozilla Foundation developed a set of open-source defect tracking system , it can manage software development defects in the submission new, repair resolve, close close and so on the entire life cycle . A cross-site scripting vulnerability exists in Bugzilla versions...

WordPress has an unspecified vulnerability (CNVD-2016-02898)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress 4.5.1 and earlier versions. The vulnerability can be exploited b...