Fortinet FortiSIEM 安全漏洞

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation, and unified management. A security vulnerability exists in Fortinet FortiSIEM that stems from...

CVE-2023-34111

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

Command injection

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111 Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111 Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111 Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111

The CVE-2023-34111 entry concerns a command-injection in the taosdata/grafanaplugin Release PR Merged GitHub Action workflow. Insecurely passing the PR title via ${{ github.event.pull_request.title }} into a bash command allows an attacker to execute arbitrary code within the workflow context, po...

CVE-2023-33457

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

CVE-2023-33457

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

CVE-2023-33457

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

Buffer overflow

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

PT-2023-24347 · Sogou · Sogou Workflow

Name of the Vulnerable Software and Affected Versions: Sogou Workflow version 0.10.6 Description: The issue is related to a buffer-overflow that may cause a crash. This occurs when a negative size is used in the memcpy function within the URIParser::parse function. Recommendations: For Sogou...

Sogou Workflow 安全漏洞

Sogou Workflow is a C++ parallel computing and asynchronous networking engine from China's Sogou Sogou. A security vulnerability exists in Sogou Workflow version v0.10.6, which stems from a negative memcpy in URIParser::parse, which could lead to a buffer overflow...

CVE-2023-33457

In Sogou Workflow v0.10.6, CVE-2023-33457 arises from memcpy being called with a negative size in URIParser::parse, leading to a buffer overflow and crash. Affected product: Sogou Workflow (v0.10.6). Impact is high (CVE CVSS 3.1: 8.8) with potential for memory corruption due to improper size hand...

CVE-2023-33457

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

PT-2023-24683 · Unknown · Taosdata/Grafanaplugin

Name of the Vulnerable Software and Affected Versions: taosdata/grafanaplugin affected versions not specified Description: The issue concerns a command injection vulnerability in the Release PR Merged workflow. This vulnerability allows for arbitrary code execution within the GitHub action contex...

CVE-2023-33457

In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash...

Security Bulletin: Multiple security vulnerabilities in bootstrap.js may affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow packages a vulnerable version of bootstrap.js. Vulnerability Details CVEID:CVE-2018-20677 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the affix configuration target property. A remot...

Security Bulletin: Multiple vulnerabilities in angular.js may affect IBM Business Automation Workflow ( CVE-2019-14863, CVE-2020-7676, CVE-2019-10768)

Summary IBM Business Automation Workflow packages a vulnerable version of angular js. Vulnerability Details CVEID:CVE-2019-14863 DESCRIPTION: Angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability ...