8540 matches found
CVE-2024-3318 SailPoint Identity Security Cloud Connector File Path Traversal Vulnerability
A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the “file“ attribute, which in turn allowed the user to access files uploaded for other sources...
CVE-2024-3319 Security implication in SailPoint Identity Security Cloud IdentityProfile API Endpoints
An issue was identified in the Identity Security Cloud ISC Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator to execute user-defined templates as part of attribute transforms which could allow remote code execution on the host...
SailPoint Identity Security Cloud 安全漏洞
SailPoint Identity Security Cloud is a secure identity platform from SailPoint, Inc. A security vulnerability exists in SailPoint Identity Security Cloud that stems from allowing authenticated administrators to execute user-defined templates as part of an attribute transformation, allowing remote...
PT-2024-40061 · Laravel · Laravel
Name of the Vulnerable Software and Affected Versions: Laravel versions prior to 6.18.34 Laravel versions prior to 7.23.2 Description: A security issue was found in Laravel where it was possible to mass assign Eloquent attributes that included the model's table name. This could lead to unexpected...
PT-2024-25145 · Sailpoint · Sailpoint Identity Security Cloud
Name of the Vulnerable Software and Affected Versions: SailPoint Identity Security Cloud affected versions not specified Description: An issue was identified in the Identity Security Cloud ISC Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator ...
CVE-2024-4481
The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the plugin's blocks in all versions up to, and including, 3.2.36 due to insufficient input sanitization and output escaping on user supplied attributes. This...
DEBIAN-CVE-2024-32611
HDF5 Library through 1.14.3 may use an uninitialized value in H5Aattrreleasetable in H5Aint.c...
UBUNTU-CVE-2024-32611
HDF5 Library through 1.14.3 may use an uninitialized value in H5Aattrreleasetable in H5Aint.c...
AZL-40630 CVE-2024-29161 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 through 1.14.3 contains a heap buffer overflow in H5Aattrreleasetable, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
UBUNTU-CVE-2024-29161
HDF5 through 1.14.3 contains a heap buffer overflow in H5Aattrreleasetable, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
Advisory ROSA-SA-2024-2419
software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...
SUSE CVE-2024-32611
HDF5 Library through 1.14.3 may use an uninitialized value in H5Aattrreleasetable in H5Aint.c...
WordPress Theme Porto 安全漏洞
WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress Theme Porto version 3.1.0 and earlier versions...
WordPress plugin Gutenberg Blocks with AI by Kadence WP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
HDF Group HDF5 安全漏洞
HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 version 1.14.3 and pri...
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
...
RHEL 6 : jinja2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jinja2: HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-22195 - Jinja...
RHEL 7 : jinja2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jinja2: HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-22195 - Jinja...
WordPress Beaver Builder plugin <= 2.8.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photo widget crop attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via photo widget crop attribute vulnerability discovered by Thanh Nam Tran in WordPress Plugin Beaver Builder versions = 2.8.1.2...
PT-2024-31261 · Kadence Wp · Gutenberg Blocks With Ai
Name of the Vulnerable Software and Affected Versions: Gutenberg Blocks with AI by Kadence WP plugin for WordPress versions up to, and including, 3.2.36 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the link...