Aimeos GrapesJS CMS Cross-Site Scripting Vulnerability
Aimeos GrapesJS CMS is a content management system for Aimeos Individual Developers. A cross-site scripting vulnerability exists in Aimeos GrapesJS CMS, which stems from the potential injection of JavaScript code when CSP is disabled, potentially leading to a stored cross-site scripting attack. T...
PT-2025-44460
Name of the Vulnerable Software and Affected Versions: Anheng Mingyu Operation and Maintenance Audit and Risk Control System versions prior to 2023-08-10 Description: The software contains a server-side request forgery (SSRF) issue in the xmlrpc.sock handler. The system is susceptible to specially...
Valmet DNA Security Vulnerability
Valmet DNA is a platform for automation and information systems from the Finnish company Valmet. In this single platform, process control, machine control, quality control, drive control and equipment condition monitoring systems are covered. A security vulnerability exists in Valmet DNA versions...
Microsoft Azure uAMQP Code Injection Vulnerability
Microsoft Azure uAMQP is a library from Microsoft Corporation USA. A code injection vulnerability exists in versions of Microsoft Azure uAMQP prior to 2023-12-01, which stems from a vulnerability that allows an attacker to cause an integer overflow or memory security issue by sending specially...
PT-2023-31416 · Beyondtrust · Beyondtrust Privilege Management For Windows
Name of the Vulnerable Software and Affected Versions: BeyondTrust Privilege Management for Windows versions prior to 2023-07-14 Description: The Challenge Response feature allows local administrators to bypass it by decrypting the shared key or locating the decrypted shared key in process memory...
Eclipse IDE code problem vulnerability
Eclipse IDE is a cross-platform open source integrated development environment from the Eclipse Foundation of Canada. A security vulnerability exists in versions of Eclipse IDE prior to 2023-09 4.29, which stems from the fact that certain files containing XML content are susceptible to a variety ...
NXP Semiconductors i.MX 8M Security Vulnerability
The NXP Semiconductors i.MX 8M is a system-on-module from NXP Semiconductors of the Netherlands. A security vulnerability exists in the NXP Semiconductors i.MX 8M U-Boot Secondary Program Loader (SPL) prior to version 2023.07. An attacker could exploit the vulnerability to escalate privileges...
CVE-2023-35068
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BMA Personnel Tracking System allows SQL Injection. This issue affects Personnel Tracking System: before 20230904...
PT-2023-19832 · WordPress · Stop Spammers Security
Name of the Vulnerable Software and Affected Versions: The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin versions prior to 2023 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltere...
WordPress plugin Stop Spammers Security | Block Spam Users, Comments, Forms Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2023-24860 · Dokuwiki +1 · Dokuwiki +1
Name of the Vulnerable Software and Affected Versions: DokuWiki versions prior to 2023-04-04a Description: The issue allows for XSS via RSS titles. Recommendations: For versions prior to 2023-04-04a, update to a version released after 2023-04-04a to resolve the issue...
PT-2023-20777 · Linagora · Linagora/Twake
Name of the Vulnerable Software and Affected Versions: linagora/twake versions prior to 2023.Q1.1223 Description: The issue is related to improper restriction of excessive authentication attempts. Recommendations: For versions prior to 2023.Q1.1223, update to version 2023.Q1.1223 or later to...
Lexmark Security Vulnerability
Lexmark is a line of printers in the United States. A security vulnerability exists in certain Lexmark devices version 2023-02-19 and prior versions, which arises from Lexmark devices accessing resources using incompatible types...
Lexmark Code Problem Vulnerability
Lexmark is a line of printers in the United States. A security vulnerability exists in Lexmark products version 2023-01-12 and prior versions that stems from a lack of input validation...
PT-2023-15957 · Linagora · Linagora/Twake
Name of the Vulnerable Software and Affected Versions: linagora/twake versions prior to 2023.Q1.1200+ Description: The issue is related to Cross-site Scripting (XSS) - Stored, which occurs when an application stores user input and later displays it without proper validation, allowing attackers to...