Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length

Impact Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. Patches Patched in 8.13.16, 10.5.7, 13.2.2, 14.1.2...

Improper Input Validation

Overview Umbraco.Forms is an a form creator that's as easy to use. Affected versions of this package are vulnerable to Improper Input Validation due to the lack of server-side validation for character limits in short and long answer fields. An attacker can bypass client-side validations and submi...

PT-2025-2008 · Beijing Yunfan Internet Technology · Yunfan Learning Examination System

Name of the Vulnerable Software and Affected Versions: Beijing Yunfan Internet Technology Yunfan Learning Examination System version 1.9.2 Description: A problematic issue has been found in the Beijing Yunfan Internet Technology Yunfan Learning Examination System. It affects an unknown function o...

SUSE CVE-2024-45719

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

Oracle Siebel Server (July 2022 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2022 CPU advisory. - Vulnerability in the Siebel Apps - Field Service product of Oracle Siebel CRM component: Smart Answer Apache PDFBox. Supported versions that are affected a...

Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

GHSA-MR95-VFCF-FX9P Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

CVE-2024-45719

CVE-2024-45719 concerns Apache Answer with an Inadequate Encryption Strength vulnerability affecting versions up to 1.4.0. The issue is that IDs generated using UUID v1 can be predictable, reducing token security. The recommended fix is upgrade to version 1.4.1, which closes the flaw. Connected s...

CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...

PT-2024-31737 · Apache · Apache Answer

Name of the Vulnerable Software and Affected Versions: Apache Answer versions through 1.4.0 Description: The issue is related to inadequate encryption strength in Apache Answer, specifically with the use of UUID v1 version for generating ids. This can cause the generated token to be predictable,...

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache USA Foundation. A security vulnerability exists in Apache Answer versions 1.4.0 and earlier, which stems from insufficient cryptographic strength and could result in the generation of tokens that are predictable...

CVE-2024-40853

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls...

CVE-2024-40853

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls...

CVE-2024-40853

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls...

CVE-2024-40853

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls...

PT-2024-29110 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18 iPadOS versions prior to 18 Description: An issue allowed an attacker to potentially use Siri to enable Auto-Answer Calls. This could be exploited on a locked device. Recommendations: For iOS versions prior to 18,...

GO-2024-3158 Apache Answer: Avatar URL leaked user email addresses in github.com/apache/incubator-answer

Apache Answer: Avatar URL leaked user email addresses in github.com/apache/incubator-answer...