11 matches found
Node.js security vulnerabilities
Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Versions 20, 22, 24, and 25 of Node.js contain security vulnerabilities. These vulnerabilities stem from flaws in the permission model, which could allow attackers to bypass file system...
CVE-2019-11628
An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...
EUVD-2019-3298
Malware in sbrugna...
EUVD-2012-4770
Malware in sbrugna...
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...
CVE-2019-11628
An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...
CVE-2019-11628
An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...
CVE-2019-11628
The CVE affects QlikView Server (pre-11.20 SR19, 12.00, 12.10 before SR11, 12.20 before SR9, 12.30 before SR2) and Qlik Sense Enterprise / Qlik Analytics Platform installations lacking specific patches (Feb 2018 Patch 4, Apr 2018 Patch 3, Jun 2018 Patch 3, Sep 2018 Patch 4, Nov 2018 Patch 4, or F...
CVE-2017-17876
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter...
CVE-2017-17876
Biometric Shift Employee Management System 3.0 is affected. The vulnerability lets remote attackers bypass file-read restrictions via a user=download request with a pathname in the path parameter, enabling local file disclosure. This is corroborated by CNVD/NVD entries and Exploit-DB references (...
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...