12 matches found
CVE-2024-2420
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
Elastic Security Statement for CVE-2024-3094, xz versions 5.6.0 and 5.6.1
Elastic Products are not affected by this issue. On March 29th, 2024, Elastic became aware of the malicious code planted in the xz package. Elastic has performed an investigation to identify any Elastic Products which may be impacted by this issue and we have concluded that no Elastic products us...
Vulnerability fixed in liblzma (XZ Utils)
Malicious code has been found in liblzma XZ Utils software. XZ Utils is used for compression of data and may be present in Linux distributions. The vulnerability has been labeled CVE-2024-3094 and has been found in versions 5.6.0 and 5.6.1 of XZ Utils. A malicious party can exploit the...
CVE-2022-44589
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in miniOrange miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login. This issue affects miniOrange's Google Authenticator – WordPress Two Factor...
SUSE CVE-2017-11479
Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users...
PT-2022-8579 · Bodhi · Bodhi
Name of the Vulnerable Software and Affected Versions: Bodhi versions prior to 5.6.1 Description: Two cross-site scripting issues were fixed. Recommendations: For versions prior to 5.6.1, update to version 5.6.1 to resolve the issue...
Keybase Desktop Client Security Vulnerability
Keybase is a social networking platform that supports end-to-end encryption based on PGP technology. A security vulnerability exists in the Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, which allows an attacker to obtain potentially sensitive media in the...
Sokrates SOWA SowaSQL Cross-Site Scripting Vulnerability
Sokrates SOWA SowaSQL is an administrative database for library environments from the Polish company Sokrates. A cross-site scripting vulnerability exists in Sokrates SOWA SowaSQL version 5.6.1 and earlier versions, which originates from the sowacgi.php typ parameter, OPAC is...
Unspecified Vulnerability in OMERO.server
OMERO.server is an image server from the Open Microscopy Environment team. A security vulnerability exists in OMERO.server versions prior to 5.6.1, which can be exploited by an attacker with a specially crafted query to bypass security filters and access hidden objects...
UBUNTU-CVE-2020-11609
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93...
CVE-2016-4168
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2024-56121
This CVE-2024-56121 entry is rejected/not used; it does not represent an active vulnerability.