1096 matches found
CVE-2024-47875 vulnerabilities
Vulnerabilities for packages: argo-workflows, opensearch-dashboards-fips...
CVE-2024-45919
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...
CVE-2024-45919
CVE-2024-45919 affects Solvait 24.4.2. The vulnerability arises from a flaw in the /AssignToMe/SetAction endpoint where manipulating Request ID and Action Type can bypass approval workflows, enabling privilege escalation and potential access to sensitive data or fraudulent approvals. Connected so...
CVE-2024-45919
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...
CVE-2024-45919
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...
GHSA-PXG6-PF52-XH8X vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, argo-workflows, vitess, kubeflow-centraldashboard, kubeflow-pipelines, jitsucom-jitsu, thingsboard, kibana, sqlpad...
CVE-2024-47764 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards, argo-workflows, vitess, kubeflow-centraldashboard, kubeflow-pipelines, jitsucom-jitsu, thingsboard, kibana, sqlpad...
CVE-2024-8263
An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. Thi...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...
PT-2024-38898 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.17 GitHub Enterprise Server versions prior to 3.11.15 GitHub Enterprise Server versions prior to 3.12.9 GitHub Enterprise Server versions prior to 3.13.4 GitHub Enterprise Server versions prior ...
Unspecified Vulnerability in JetBrains YouTrack (CNVD-2025-16856)
JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...
CVE-2024-47159
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project...
CVE-2024-47159
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project...
JetBrains YouTrack 安全漏洞
JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...
GHSA-MMHX-HMJR-R674 vulnerabilities
Vulnerabilities for packages: argo-workflows...
GHSA-MMHX-HMJR-R674 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, argo-workflows, opensearch-dashboards-fips...
CVE-2024-45801 vulnerabilities
Vulnerabilities for packages: argo-workflows...
CVE-2024-45801 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, argo-workflows, opensearch-dashboards-fips...
ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.1.0), ai.driftkit:driftkit-chat-assistant-framework (>=0.5.0 <=0.8.7) +2674 more potentially affected by CVE-2024-38816 via org.springframework:spring-webmvc (>=6.1.0 <=6.1.12)
org.springframework:spring-webmvc MAVEN version =6.1.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =1.12.0, =1.14.0 - ai.yda-framework:rest-spring-channel =0.1.0 and more Source cves: CVE-2024-38816 Source advisory: OSV:GHSA-CX7F-G6MP-7...
Description of the security update for SharePoint Server 2019: September 10, 2024 (KB5002639)
Description of the security update for SharePoint Server 2019: September 10, 2024 KB5002639 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, and Microsoft SharePoint Server denial of service vulnerability. To learn more about the...