221 matches found
PT-2025-14613
Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to 9.2 Description The issue is a remote code execution security vulnerability in pgAdmin 4, affecting the Query Tool and Cloud Deployment modules. It is associated with two POST endpoints: "/sqleditor/query...
wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server...
CVE-2025-0799
IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories...
The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.
The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the software for deploying and managing cloud-based enterprise systems based on IBM Cloud Pak System allows a hacker to disclose protected information.
The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.
The vulnerability related to deploying and managing the IBM Cloud Pak System based on containers involves the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
GHSA-GPPG-GQW8-WH9G litellm vulnerable to remote code execution based on using eval unsafely
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the adddeployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sendin...
The vulnerability of the Windows operating system’s deployment process allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Windows operating system’s deployment service exists because measures to neutralize specific elements are not taken. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information...
Description of the Security Update for the spoofing vulnerability in Microsoft Visual Studio 2010 Tools for Office Runtime: August 8, 2023 (KB5029497)
Description of the Security Update for the spoofing vulnerability in Microsoft Visual Studio 2010 Tools for Office Runtime: August 8, 2023 KB5029497 Applies to: Visual Studio 2010 Tools for Office Runtime that is included with Microsoft Office and Visual Studio 2022, 2019, 2017, 2015, and 2013...
SUSE CVE-2011-0788
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors...
SUSE CVE-2013-2400
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744...
SUSE CVE-2013-2418
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...
SUSE CVE-2013-2437
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment...
SUSE CVE-2013-2466
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than...
SUSE CVE-2013-5787
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789,...
SUSE CVE-2014-2409
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment...
SUSE CVE-2014-4265
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment...
SUSE CVE-2014-6493
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532...
SUSE CVE-2014-6503
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532...
SUSE CVE-2015-4902
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment...