14 matches found
Grist 安全漏洞
Grist is a modern relational spreadsheet open-sourced by Grist. A security vulnerability exists in Grist versions prior to 1.7.7, which stems from a partial read permission user having access to the full document change history, potentially leading to the disclosure of sensitive information...
EUVD-2022-5215
Malicious code in bioql PyPI...
PT-2025-26196 · Versa · Versa Director
Name of the Vulnerable Software and Affected Versions: Versa Director affected versions not specified Description: The Versa Director software exposes several services by default, including ssh and postgres, which can provide an easy foothold for attackers due to default credentials and multiple...
CVE-2019-16904
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. The crafted password is exploitable when viewing the change history of the item or tapping on the item...
Security Bulletin: TADDM Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)
Abstract Java API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...
TeamPass Cross-site Scripting (XSS) vulnerability
TeamPass 2.1.27.36 allows XSS by setting a crafted password for an item in a folder, and then sharing that item with an admin. The crafted password is exploitable when viewing the change history, or the previous used password field...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2329)
Summary An Oracle database server vulnerability has been addressed by BM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2329 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the XML DB component could allow an authenticated attacker to take control of the...
new module: subversion:1.14
Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. This enhancement update adds the subversion:1.14 module to AlmaLinux BZ1844947 For detail...
Cross site scripting
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. The crafted password is exploitable when viewing the change history of the item or tapping on the item...
Security Bulletin: Information disclosure in WebSphere Application Server Admin Console in IBM Cloud (CVE-2019-4269)
Summary There is an information disclosure in the Admin Console of WebSphere Application Server. Vulnerability Details CVEID: CVE-2019-4269 DESCRIPTION: IBM WebSphere Application Server Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted url causes...
Security Bulletin: Rational Service Tester file or path name vulnerability
Summary A security vulnerability exists in IBM Rational Service Tester that potentially allows access to system files. The vulnerability has been eliminated in the latest version of IBM Rational Service Tester. Vulnerability Details | Subscribe to My Notifications to be notified of important...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM ILOG Optimization Decision Manager Enterprise (CVE-2017-1194)
Summary IBM WebSphere Application Server is shipped as a component of IBM ILOG ODM Enterprise. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Cross-site...
Identity Governance 12.6 Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Security Notice for CA Identity Governance CA Technologies support is alerting customers to a potential risk with CA Identity Governance. A vulnerability exists that can potentially allow a malicious actor to conduct cross-site scripting...
CA20100304-01: Security Notice for CA SiteMinder
CA20100304-01: Security Notice for CA SiteMinder Issued: March 04, 2010 CA's support is alerting customers to a security risk with CA SiteMinder. Multiple cross site scripting XSS vulnerabilities exist that can allow a remote attacker to potentially gain sensitive information. CA has provided...