9 matches found

OSV
added 2023/07/11 5:49 p.m. · 24 views

CVE-2023-36825 Orchid Deserialization of Untrusted Data vulnerability leads to Remote Code Execution

Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the state query parameter,...

CVSS 9.6 · AI score 9.5 · EPSS 0.00952
Exploits 0 · References 4
Vulnrichment
added 2023/07/11 5:49 p.m. · 14 views

CVE-2023-36825 Orchid Deserialization of Untrusted Data vulnerability leads to Remote Code Execution

Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the state query parameter,...

CVSS 9.6 · AI score 9.8 · EPSS 0.00952
Exploits 0 · References 2
Positive Technologies
added 2023/07/11 12:00 a.m. · 2 views

PT-2023-3609 · Orchid · Orchid

Name of the Vulnerable Software and Affected Versions: Orchid versions 14.0.0-alpha4 through 14.4.x
Description: A vulnerability is present in the Orchid package, related to the deserialization of untrusted data from the state query parameter, which can result in remote code execution. The issue...

CVSS 9.8 · AI score 9.8 · EPSS 0.00952
Exploits 0 · References 7
Prion
added 2022/05/24 3:15 p.m. · 16 views

Default configuration

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure ...

CVSS 5 · AI score 7.3 · EPSS 0.00915
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/05/24 2:20 p.m. · 22 views

CVE-2022-29567 Possible information disclosure inside TreeGrid component with default data provider

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure ...

CVSS 5.7 · AI score 7.5 · EPSS 0.00915
Exploits 0 · References 2
Vaadin
added 2022/05/24 12:00 a.m. · 38 views

Possible information disclosure inside TreeGrid component with default data provider

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure ...

CVSS 7.5 · AI score 3.3 · EPSS 0.00915
Exploits 0 · References 1 · Affected Software 2
NVD
added 2021/06/22 8:15 p.m. · 11 views

CVE-2021-32700

Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via MiTM against users. HTTP connections did not make use of TLS and certificate checking was ignored...

CVSS 9.1 · EPSS 0.00579
Exploits 0 · References 2
CNVD
added 2019/12/16 12:00 a.m. · 2 views

Views Dynamic Fields Code Issue Vulnerability

Drupal is an open source content management system developed in PHP and maintained by the Drupal community. Views Dynamic Fields is a module used for filtering which fields are displayed. A code issue vulnerability exists in Drupal Views Dynamic Fields 7.x-1.0-alpha4 and earlier versions for...

CVSS 9.8 · AI score 7.3 · EPSS 0.01791
Exploits 0 · References 1
Tenable Nessus
added 2010/07/30 12:00 a.m. · 12 views

MDVA-2009:271 : k3b

Mandriva 2010 includes k3b 1.68 alpha3, and the stable release won't be ready for a long time. This update introduces the Alpha4 version, with lots of bugfixes and some new features, including: New features: Added close buttons on project tabs 159751 Added support for new libmpcdec API 214149...

AI score 7
Exploits 0 · References 1