Reportico 安全漏洞

Reportico is an open source PHP report designer from the individual developer Peter Deed. A security vulnerability exists in Reportico Web prior to version v.8.1.0 that originates from a vulnerability that allows a local attacker to execute arbitrary code and obtain sensitive information...

PT-2024-13452 · Reportico · Reportico

Name of the Vulnerable Software and Affected Versions: Reportico versions prior to 8.1.0 Description: The issue allows attackers to obtain sensitive information or other system information via the project parameter. This is a SQL Injection vulnerability, which means attackers can inject malicious...

SUSE CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

parse-url 安全漏洞

parse-url is an advanced url parser with git url support by the individual developer Ionică Bizău. A security vulnerability exists in parse-url prior to version 8.1.0, which stems from the fact that parse-url incorrectly parses the https url that follows it, identifying its protocol as ssh, and...

CVE-2022-26070

When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0...

CVE-2019-11583

The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...