Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O versions 5.0 to 5.5, which is caused by an...

PT-2022-19603 · WordPress · Wordpress Infinite Scroll – Ajax Load More

Name of the Vulnerable Software and Affected Versions: WordPress Infinite Scroll – Ajax Load More plugin versions up to, and including, 5.5.3 Description: The issue allows authenticated attackers with administrative privileges to download arbitrary files hosted on the server due to insufficient...

CVE-2020-4159

IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339...

IBM QRadar Network Security 信任管理问题漏洞

IBM QRadar Network Security is a network security manager from IBM, USA. used to provide better visibility and control over activities and users on the network, while using deep packet inspection, heuristics and behavior-based analysis to detect and prevent advanced threats.IBM QRadar Network...

WordPress plugin Google Authenticator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. A cross-site scripting vulnerability exists in versions of WordPress prior to Google Authenticator...

CVE-2022-34174

In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...

CVE-2022-30155

Windows Kernel Denial of Service Vulnerability...

CVE-2022-29455

DOM-based Reflected Cross-Site Scripting XSS vulnerability in Elementor's Elementor Website Builder plugin = 3.5.5 versions...

CVE-2022-30551

creationtimestamp| type| source ---|---|--- 2022-05-20 16:36:40+00:00| seen| https://t.me/cibsecurity/43049...

Cedar Gate EZ-NET 跨站脚本漏洞

Cedar Gate EZ-NET is an Internet portal application from Cedar UK. A cross-site scripting vulnerability exists in The Cedar Gate EZ-NET 6.5.5, 6.6.3, 6.7.0, and 6.8.0 that stems from The Cedar Gate EZ-NET 6.5.5, and 6.8.0 having a call to display messages to the user that do not correctly clean u...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the Smart...

PT-2021-23726 · Kaseya +1 · Kaseya Unitrends Backup Appliance +1

Name of the Vulnerable Software and Affected Versions: Kaseya Unitrends Backup Appliance versions prior to 10.5.5 Description: An issue was discovered in the Unitrends Windows agent, which was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed...

CVE-2020-4152

IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle techniques. IBM X-Force ID: 17467...

CVE-2021-35658

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-35573

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-35574

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

Oracle Outside In Technology 输入验证错误漏洞

Oracle Outside In Technology is a software development kit SDK that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...

Oracle Outside In Technology 输入验证错误漏洞

Oracle Outside In Technology is a software development kit SDK that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...

PortlandLabs Concrete Cms 路径遍历漏洞

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS 8.5.5 and earlier is vulnerable to path traversal, which can be exploited by attackers to cause remote code execution via uploaded PHP code...

PortlandLabs Concrete CMS 路径遍历漏洞

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS 8.5.5 and earlier has a security vulnerability that could be exploited by an attacker to cause path traversal in RCE via an external form by adding regular...