1344 matches found
@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +330 more potentially affected by CVE-2023-48219 via tinymce (>=4.5.1 <=5.10.8)
tinymce NPM version =4.5.1, =0.1.2, =0.3.7, =0.1.17, =1.0.0, =1.0.0, =1.33.0, =1.0.0-alpha.39-baliz, =4.3.0, =0.5.0, =0.1.0, =0.0.4, =0.1.2, =0.8.4, =0.8.5 and more Source cves: CVE-2023-48219 Source advisory: OSV:GHSA-V626-R774-J7F8...
Fedora 39 : icecat (2023-035866b576)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-035866b576 advisory. - Release 115.3.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora 38 : icecat (2023-7342330743)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7342330743 advisory. - Release 115.3.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Security Bulletin: Multiple Angular vulnerabilities affects IBM Tivoli Business Service Manager (CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2022-25869, CVE-2022-25844)
Summary Angular is shipped with IBM Tivoli Business Service Manager as a component of it's dashboard interface. Information about security vulnerabilities affecting Angular has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-26116 DESCRIPTION: AngularJS is vulnerable t...
CVE-2023-26270
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2023-26270
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
Sql injection
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2023-26270
CVE-2023-26270 affects IBM Guardium Data Encryption (GDE) Guardium Cloud Key Manager (GCKM) 1.10.3. The root cause is an Angular template injection flaw that could allow a remote attacker to execute arbitrary code. IBM and related sources list the remediation as upgrading to GCKM 1.10.4. Public r...
CVE-2023-26270 IBM Security Guardium Data Encryption code execution
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
CVE-2023-26270 IBM Security Guardium Data Encryption code execution
IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute...
GHSA-QFW7-PFXX-H9Q2 OpenNMS vulnerable to Cross-site Scripting
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....
OpenNMS vulnerable to Cross-site Scripting
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....
CVE-2023-40311
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....
Cross site scripting
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....
Security Bulletin: IBM MQ is affected by multiple Angular JS vulnerabilities.
Summary IBM MQ has resolved multiple Angular JS vulnerabilities CVE-2022-25844, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2022-25869. Angular JS is used in Dashboard Web Console. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a denial of...
GHSA-R3HF-Q8Q7-FV2P Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory
Impact Angular Universal applications on 16.1.0 and 16.1.1 using critical CSS inlining are vulnerable to a cross-site scripting XSS attack where an attacker can trick another user into visiting a page which injects malicious JavaScript. Angular CLI applications without Universal do perform critic...
Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory
Impact Angular Universal applications on 16.1.0 and 16.1.1 using critical CSS inlining are vulnerable to a cross-site scripting XSS attack where an attacker can trick another user into visiting a page which injects malicious JavaScript. Angular CLI applications without Universal do perform critic...
@0x0bit/sails-hook-redis (>=0.1.1 <=0.1.2), @driscode/cs2-lib (>=5.8.1-driscode-5 <=5.9.0-driscode-52) +137 more potentially affected by CVE-2023-38504 via sails (>=0.10.5 <=1.5.17)
sails NPM version =0.10.5, =0.1.1, =5.8.1-driscode-5, =3.0.0, =1.0.0, =0.0.1-prerelease, =1.1.8, =0.0.0, =0.0.0, =1.0.0, =1.3.2 - barmecide =0.0.5 - cacrypt =0.0.1 and more Source cves: CVE-2023-38504 Source advisory: OSV:GHSA-GPW9-FWM8-7RX7...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Angular
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Angular. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the $resource service...
Updated glances packages fix security vulnerability
Regular Expression Denial of Service ReDoS in angular CVE-2022-25844...