18 matches found
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, 11.2.2 and earlier 11.2.x series, as well as 10.11.10 and earlier 10.11.x series, have security vulnerabilities. These vulnerabilities...
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, 11.2.2 and earlier 11.2.x series, as well as 10.11.10 and earlier 10.11.x series, have security vulnerabilities. These vulnerabilities...
CVE-2025-57870 BUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services.
A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Service operation. Successful exploitation can...
PT-2025-43271
Name of the Vulnerable Software and Affected Versions Esri ArcGIS Server versions 11.3 through 11.5 Description A SQL Injection issue exists in Esri ArcGIS Server. This allows a remote, unauthenticated attacker to execute arbitrary SQL commands through a specific ArcGIS Feature Service operation...
CVE-2024-51957
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...
CVE-2024-51947
There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...
CVE-2023-30435
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...
CVE-2021-39076
IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585...
CVE-2021-1063
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x prior to 8.6 and version 11.0 pri...
PT-2020-14477 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.3 through 13.1.2 Description: The issue is related to Incorrect Access Control in GitLab EE due to the Maven package upload endpoint. This allows for unauthorized access. Recommendations: For GitLab EE versions 11.3...
CVE-2019-4237
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419...
GitLab CE/EE Information Disclosure Vulnerability (CNVD-2018-26961)
GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. An information...
CVE-2017-8951
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found...
IBM InfoSphere Information Server XML External Entity Injection Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An XML external entity injection vulnerability exists in IBM InfoSphere Information Server versions 9.1,...
CVE-2017-1467
A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466...
CVE-2016-8303
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...
Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00949)
Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...
Unspecified Vulnerability in Oracle Solaris Cluster Component (CNVD-2016-09783)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in the Kernel/X86 subcomponent of the Solaris component of the Oracle Sun Systems Products Suite, versions 10 and...