7341 matches found
PT-2025-36157
Name of the Vulnerable Software and Affected Versions: SwiftNinjaPro Developer Tools Blocker versions through 3.2.1. Description: The software contains a Cross-Site Request Forgery (CSRF) flaw. This allows attackers to perform actions on behalf of an authenticated user without their knowledge...
WordPress plugin Developer Tools Blocker cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2025-41057
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/richtexteditor...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the page parameter in /apprain/developer/addons. An attacker can execute arbitrary scripts in the context of the authenticated user's browser by crafting malicious input. Details: Cross-site scripting or XSS ...
appRain CMF cross-site scripting vulnerability
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF, which is caused by improper validation of user input on the /apprain/developer/addons/update/960grid endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/commonresource endpoint. An attacker could use this vulnerability to steal the victim's cookie-based...
appRain CMF cross-site scripting vulnerability
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input on the /apprain/developer/addons/update/uploadify endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
appRain CMF cross-site scripting vulnerability
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/dialogs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
...
HCL Compass security vulnerability
HCL Compass is a low-code change management software from HCL India. It manages the full range of testing activities and integration with developer tools. HCL Compass has a security vulnerability that could lead to unauthorized access to the database by an attacker...
Linux Distros Unpatched Vulnerability : CVE-2023-2069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions...
Malicious code in anti-developer-nghinv235 (npm)
MAL-2025-41534 Malicious code in anti-developer-nghinv235 (npm)
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.
Red Hat Developer Hub 1.6.4 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
Developer verification: a promised lift for Android security
To reduce the number of harmful apps targeting Android users, Google has announced that certified Android devices will require all apps to be registered by verified developers in order to be installed. But this new measure is not just about malware that's found on the Google Play Store, its main...
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require all apps to be registered by verified developers in order to be installed by users on certified...
Solaris 10 (i386): 152979-07
SunOS 5.10: Oracle Developer Studio 12.6x86: Patch for Compiler Common compon. Date this patch was last updated by Sun : Jul/10/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description...
Linux Distros Unpatched Vulnerability : CVE-2020-13341
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer...
Solaris 10 (sparc): 152715-14
SunOS 5.10: Oracle Developer Studio 12.6: Patch for C++ Compiler 5.15. Date this patch was last updated by Sun : Jan/18/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255274;...
Solaris 10 (i386): 152716-14
SunOS 5.10: Oracle Developer Studio 12.6x86: Patch for C++ Compiler 5.15. Date this patch was last updated by Sun : Jan/18/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description...