6 matches found
CVE-2023-31223
Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars...
PT-2023-23244 · Dradis · Dradis
Name of the Vulnerable Software and Affected Versions: Dradis versions prior to 4.8.0
Description: The issue allows persistent XSS by authenticated author users, related to avatars.
Recommendations: For versions prior to 4.8.0, update to version 4.8.0 or later to resolve the issue. As a temporary...
CVE-2021-3150
A cross-site scripting (XSS) vulnerability on the Delete Personal Data page in Cryptshare Server before 4.8.0 allows an attacker to inject arbitrary web script or HTML via the user name. The issue is fixed in version 4.8.1...
CVE-2020-7339
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...
PT-2020-19565 · McAfee · McAfee Database Security Server/Sensor
Name of the Vulnerable Software and Affected Versions: McAfee Database Security Server and Sensor versions prior to 4.8.0
Description: The issue is related to the use of a broken or risky cryptographic algorithm in the form of a SHA1 signed certificate. This could allow an attacker on the same...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platforms caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...