Lucene search
K

106 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/08/06 4:10 p.m.14 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3 Vulnerability Details CVEID:CVE-2013-4660 DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...

7.5CVSS10AI score0.99019EPSS
Exploits18Affected Software1
OpenVAS
OpenVAS
added 2025/07/10 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-7622-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS9AI score0.99019EPSS
Exploits19References4
CBLMariner
CBLMariner
added 2025/04/08 9:13 p.m.11 views

CVE-2019-11358 affecting package orangefs for versions less than 2.9.7-7

CVE-2019-11358 affecting package orangefs for versions less than 2.9.7-7. A patched version of the package is available...

6.1CVSS7.4AI score0.87218EPSS
Exploits4
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.542 views

jQuery 3.3.1 - Prototype Pollution & XSS Exploit

Exploit Title: jQuery Prototype Pollution & XSS Exploit CVE-2019-11358 & CVE-2020-7656 Google Dork: N/A Date: 2025-02-13 Exploit Author: xOryus Vendor Homepage: https://jquery.com Software Link: https://code.jquery.com/jquery-3.3.1.min.js Version: 3.3.1 Tested on: Windows 10, Ubuntu 20.04, Chrome...

6.1CVSS7.4AI score0.87218EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.340 views

📄 jQuery 3.3.1 Cross Site Scripting

jQuery version 3.3.1 proof of concept exploit that demonstrates cross site scripting via improper script handling and prototype pollution. Exploit Title: jQuery Prototype Pollution & XSS Exploit CVE-2019-11358 & CVE-2020-7656 Google Dork: N/A Date: 2025-02-13 Exploit Author: xOryus Vendor Homepag...

6.1CVSS6.3AI score0.87218EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:0 a.m.57 views

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

7.5CVSS7.4AI score0.99019EPSS
Exploits17Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-11358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an...

6.1CVSS6.8AI score0.87218EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.11 views

openSUSE Security Advisory (openSUSE-SU-2024:0231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.87218EPSS
Exploits5References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/11 4:24 p.m.25 views

Security Bulletin: Vulnerabilities in the jquery-1.10.0.js package affect Data Replication on Cloud Pak for Data

Summary Multiple vulnerabilities in the jquery-1.10.0.js package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing option elements from...

6.9CVSS7.5AI score0.99019EPSS
Exploits15Affected Software1
CBLMariner
CBLMariner
added 2025/02/10 4:8 p.m.14 views

CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4

CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4. A patched version of the package is available...

6.1CVSS7.4AI score0.87218EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.18 views

Oracle Siebel Server (April 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI jackson-databind. Supported versions that are affected are...

8.1CVSS6.9AI score0.87218EPSS
Exploits5References7
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/11 11:31 a.m.38 views

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 20 4.2.0.20 Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in persistent watchers handling. By...

7.5CVSS9.6AI score0.99019EPSS
Exploits21Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2024/08/23 12:0 a.m.12 views

Security update for python-notebook (moderate)

openSUSE Security Update: Security update for python-notebook Announcement ID: openSUSE-SU-2024:0231-1 Rating: moderate References: 1227583 Cross-References: CVE-2019-11358 CVE-2021-32798 CVSS scores: CVE-2019-11358 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2021-32798 NVD : 9.6...

10CVSS7.7AI score0.87218EPSS
Exploits5References1
OSV
OSV
added 2024/08/02 10:51 a.m.17 views

OPENSUSE-SU-2024:0231-1 Security update for python-notebook

This update for python-notebook fixes the following issues: - Update to 5.7.11 sanitizer fix CVE-2021-32798 boo1227583 - Update to 5.7.10 no upstream changelog - Update to 5.7.9 Update JQuery dependency to version 3.4.1 to fix security vulnerability CVE-2019-11358 Update from preact to React...

10CVSS6.9AI score0.87218EPSS
Exploits5References4
CBLMariner
CBLMariner
added 2024/07/24 12:12 a.m.33 views

CVE-2019-11358 affecting package python-pygments for versions less than 2.7.4-1

CVE-2019-11358 affecting package python-pygments for versions less than 2.7.4-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS7.2AI score0.87218EPSS
Exploits4
OSV
OSV
added 2024/05/15 9:8 p.m.35 views

GHSA-JRPW-8884-2747 eZ Platform Bundled jQuery affected by CVE-2019-11358

In eZ Platform 2.x, ezsystems/ezplatform-admin-ui-assets before v4.2.0 includes jQuery version 3.3.1. This version of jQuery is affected by the security vulnerability https://www.cvedetails.com/cve/CVE-2019-11358/ This is fixed in jQuery version 3.4. We recommend that you upgrade your...

6.1CVSS6.3AI score0.87218EPSS
Exploits4References4
Github Security Blog
Github Security Blog
added 2024/05/15 9:8 p.m.62 views

eZ Platform Bundled jQuery affected by CVE-2019-11358

In eZ Platform 2.x, ezsystems/ezplatform-admin-ui-assets before v4.2.0 includes jQuery version 3.3.1. This version of jQuery is affected by the security vulnerability https://www.cvedetails.com/cve/CVE-2019-11358/ This is fixed in jQuery version 3.4. We recommend that you upgrade your...

6.1CVSS6.3AI score0.87218EPSS
Exploits4References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:40 a.m.54 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using jQuery 3.2.1 is vulnerable to Cross Site Scripting - CVE-2019-11358

Summary Applications using jQuery before 3.4.0 are vulnerable cross site scripting for CVE-2019-11358. Following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack, it has been addressed in this bulletin: IBM Jazz Reporting Service Vulnerability Details CVEID:CVE-2019-113...

6.1CVSS6.8AI score0.87218EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.38 views

Debian dla-3551 : otrs - security update

"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3551 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3551-1 [email protected]...

9.8CVSS7.3AI score0.99019EPSS
Exploits18References66
Debian
Debian
added 2023/08/31 12:20 a.m.45 views

[SECURITY] [DLA 3551-1] otrs2 security update

Debian LTS Advisory DLA-3551-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin August 31, 2023 https://wiki.debian.org/LTS Package : otrs2 Version : 6.0.16-2+deb10u1 CVE ID : CVE-2019-11358 CVE-2019-12248 CVE-2019-12497 CVE-2019-12746 CVE-2019-13458 CVE-2019-16375...

9.8CVSS7AI score0.99019EPSS
Exploits18
Rows per page
Query Builder