10 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-21305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and...
CVE-2025-4415
CVE-2025-4415 affects the Drupal Piwik PRO module prior to 1.3.2. The issue is described as Improper Neutralization of Input During Web Page Generation, enabling Cross-Site Scripting (XSS). Affected versions are 0.0.0 through 1.3.2, with public references indicating an authenticated XSS concern (...
Drupal Piwik PRO module < 1.3.2 - Authenticated Cross Site Scripting (XSS) vulnerability
Authenticated Cross Site Scripting (XSS) vulnerability discovered by Pierre Rudloff (prudloff) in WordPress Module Piwik PRO versions 1.3.2...
BACnet Stack Security Vulnerability
BACnet Stack is a BACnet open source protocol stack C library for embedded systems, Linux, MacOS, BSD and Windows. A security vulnerability exists in BACnet Stack versions prior to 1.3.2 that stems from the presence of buffer over-reads...
Microweber Cross-Site Scripting Vulnerability
Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A cross-site scripting vulnerability exists in Microweber versions prior to 1.3.2, which...
Skylot Jadx Code Issue Vulnerability
Skylot Jadx is a Dex to Java decompiler. A code issue vulnerability exists in Skylot Jadx that stems from the product's improper restriction on XML external entity references. The following products and versions are affected: Skylot Jadx versions prior to 1.3.2...
Aruba Airwave Software Server-Side Request Forgery Vulnerability
Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A server-side request forgery vulnerability exists in Aruba Airwave Software versions prior to 1.3.2, which allows an attacker t...
Aruba Airwave Software Remote Code Execution Vulnerability
Aruba Airwave Software is a network monitoring software that helps users view real-time data and situational reports for every user, device, and segment of the network. A remote code execution vulnerability exists in Aruba Airwave Software versions prior to 1.3.2. An attacker can exploit this...
CVE-2019-10746
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload...
PYSEC-2018-10
Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request...