7327 matches found
EUVD-2025-204604
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...
CVE-2025-67712
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...
CVE-2025-67712 HTML injection issue in ArcGIS Web App Builder
There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...
CVE-2025-67712
CVE-2025-67712 is an HTML injection issue affecting Esri ArcGIS Web AppBuilder developer edition before 2.30. The vulnerability could allow a remote, unauthenticated attacker to entice a user to click a link that causes arbitrary HTML to render in the victim’s browser; there is no evidence of Jav...
Sokol security vulnerability
Sokol is a platform interface for Andre Weissflog Personal Developer. A security vulnerability exists in Sokol that stems from a misbehavior of the function sgpipelinecommoninit, which could lead to a heap buffer overflow...
Lazarus Group Embed New BeaverTail Variant in Developer Tools
North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update...
Moderate: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Prototype Pollution flaw due to lodash.clonedeep
Summary lodash.clonedeep is used by IBM watsonx Orchestrate Developer Edition as part of images: agentic-task-manager, wxo-builder-ui, wxo-connections Vulnerability Details CVEID:CVE-2018-16487 DESCRIPTION: A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge,...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Improper Input Validation due to postcss
Summary postcss is used by IBM watsonx Orchestrate Developer Edition as part of wxo-chat Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepa...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Inefficient Regular Expression Complexity due to nth-check
Summary nth-check is used by IBM watsonx Orchestrate Developer Edition as part of wxo-chat image Vulnerability Details CVEID:CVE-2021-3803 DESCRIPTION: nth-check is vulnerable to Inefficient Regular Expression Complexity CWE:CWE-1333: Inefficient Regular Expression Complexity CVSS Source: IBM...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to HTTP Request Smuggling (HRS) due to gunicorn
Summary gunicorn is used by IBM watsonx Orchestrate Developer Edition as part of wxo-rag-tool image Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads ...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Denial of Service (DoS) due to tar
Summary tar is used by IBM watsonx Orchestrate Developer Edition as part of image: tools-runtime Vulnerability Details CVEID:CVE-2024-28863 DESCRIPTION: node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process...