CGM CLININET 安全漏洞

CGM CLININET is a hospital information management system developed by the German company CGM. CGM CLININET has a security vulnerability, which stems from the absence of necessary security HTTP headers in responses. This vulnerability may lead to client-side attacks such as clickjacking, MIME...

EUVD-2022-6389

Malicious code in bioql PyPI...

CVE-2025-24795 The Snowflake Connector for Python uses insecure cache files permissions

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential...

CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

PT-2022-6869 · Microsoft +1 · Internet Explorer +1

Name of the Vulnerable Software and Affected Versions: angular versions prior to the fixed version Description: The issue is related to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, allowing interpolation of elements. This occurs because the application...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicio...

Security Bulletin: API Connect is affected by insecure caching (CVE-2018-1874)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1874 DESCRIPTION: IBM API Connect could display highly sensitive information to an attacker with physical access to the system. CVSS Base Score: 4.6 CVSS Temporal Score: See for the current...

Insecure Caching

webargs uses insecure caching. Parsed JSON body is stored in a short-lived cache that would cause incorrect JSON payloads to be parsed for concurrent requests due to the cache not being thread-safe...

OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound...

OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound...