13 matches found
PT-2026-4891
Name of the Vulnerable Software and Affected Versions datavane tis versions prior to 4.3.0 Description An issue exists in datavane tis related to a loop with an unreachable exit condition, resulting in an infinite loop. This condition is present in the ChangeDomainAction.Java file within the...
CVE-2017-18880
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the titlelink field of a Slack attachment...
CVE-2025-56008
Cross site scripting XSS vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions...
Flask-AppBuilder 安全漏洞
Flask-AppBuilder is a simple and fast application development framework. A security vulnerability exists in Flask-AppBuilder versions prior to 4.3.2, which can be exploited by an attacker to trigger a database error by adding special characters to the Add, Edit user form...
PT-2023-15436 · Unknown · Quantumcloud Ai Chatbot Plugin
Name of the Vulnerable Software and Affected Versions: QuantumCloud AI ChatBot plugin versions prior to 4.3.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions prior to 4.3.0,...
CVE-2022-25772
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
AZL-8968 CVE-2022-0891 affecting package libtiff for versions less than 4.3.0-2
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...
AZL-8529 CVE-2022-0562 affecting package libtiff for versions less than 4.3.0-2
Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...
DEBIAN-CVE-2019-19960
In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks...
CVE-2018-16671
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...
Apple iOS, tvOS and watchOS Kernel Local Information Disclosure Vulnerability
Apple iOS, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. kernel is one of the kernel components. A security vulnerability exists in the Kernel componen...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
NETGEAR Multiple Product Catalog Traversal Vulnerability
NETGEAR is an American Netgear company, a manufacturer of computer networking equipment and other computer hardware. NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, SRX5308 devices with firmware versions prior to 4.3.3-8 have a directory traversal vulnerability in scgi-bin/platform.cgi that could allow a...