PT-2023-23120 · Enterprisedb · Edb Postgres Advanced Server
Name of the Vulnerable Software and Affected Versions: EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 10.23.33 EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 11.18.29 EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 12.13.17 EnterpriseDB EDB...
PowerJob vulnerable to Incorrect Access Control via the create user/save interface.
PowerJob v4.9.3 is vulnerable to Incorrect Access Control via the create user/save interface...
GHSA-C23V-VQW5-52C5 PowerJob vulnerable to Incorrect Access Control via the create user/save interface.
PowerJob v4.9.3 is vulnerable to Incorrect Access Control via the create user/save interface...
Improper access control
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface...
GHSA-MPVF-6H9G-2HQ2 PowerJob Incorrect Access Control vulnerability
PowerJob v4.3.6 is vulnerable to Incorrect Access Control via the create app interface...
CVE-2023-29921
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface...
CVE-2023-29921
PowerJob V4.3.1 is affected by Incorrect Access Control via the create app interface, enabling an attacker to create apps without permission. The issue is described in multiple sources (e.g., Red Hat, GHSA/OSV, Veracode) as improper access control. Veracode notes the vulnerable flow through the /...
PT-2023-22478 · Powerjob · Powerjob
Name of the Vulnerable Software and Affected Versions: PowerJob version 4.3.1 Description: The issue is related to Incorrect Access Control via the create app interface. Recommendations: For PowerJob version 4.3.1, consider restricting access to the create app interface until a fix is available. ...
Linux kernel resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that originates from a corruption of the iscsi_sw_tcp_session_create instruction responsible for freeing memory in the SCSI...
CVE-2023-29922
PowerJob V4.3.1 is affected by an Incorrect Access Control vulnerability in the create user/save interface. The root cause is insufficient authorization checks on the /user/save flow, potentially allowing an attacker to bypass authentication and perform unauthorized user creation. Documented deta...
CVE-2022-48178
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
Cross site scripting
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
PT-2023-15603
Name of the Vulnerable Software and Affected Versions X2CRM Open Source Sales CRM versions 6.6 through 6.9 Description A stored cross-site scripting XSS issue was found in the Create Action function, specifically via the "index.php/actions/update" URI. This allows for potential malicious script...
DEBIAN-CVE-2023-29580
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c...
UBUNTU-CVE-2023-29580
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c...
PT-2023-22320 · Yasm +1 · Yasm +1
Name of the Vulnerable Software and Affected Versions: yasm version 1.3.0.55.g101bc Description: A segmentation violation was discovered in yasm via the component yasm_expr_create at /libyasm/expr.c. Recommendations: For yasm version 1.3.0.55.g101bc, consider restricting access to the yasm expr...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=saveposition of the component Create News Handler. The manipulation of the argument name with the input alertdocument.cookie...