1925 matches found
Apache Superset Input Validation Error Vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset before 3.1.3, version 4.0.0, which originates from a vulnerability that could allow an authenticated attacker to create a...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
CORSAIR iCUE Security Vulnerabilities
CORSAIR iCUE is a PC monitoring and RGB lighting control software from CORSAIR. It allows you to control and customize compatible RGB lighting devices, fans, keyboards, mice, headphones, and more. A security vulnerability exists in CORSAIR iCUE version 5.9.105 that originates from allowing an...
PT-2024-28005 · Unknown · The Algorithms
Name of the Vulnerable Software and Affected Versions: The Algorithms - C versions through e5dad3f Description: The issue is related to a segmentation fault caused by deep recursion in the binary insertion sort.c file. This may impact common use cases, such as sorting an array of 50 elements...
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...
CVE-2024-31398
CVE-2024-31398 affects Cybozu Garoon 5.0.0 to 5.15.2. The issue is an information disclosure where sensitive data can be exposed from the user list when an attacker who can log in to the product exploits the flaw (insertion of sensitive information into sent data). The connected sources confirm t...
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users...
CVE-2024-31404
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...
CVE-2024-31404
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...
CVE-2024-31404
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler...
CVE-2024-31404
CVE-2024-31404 affects Cybozu Garoon 5.5.0–6.0.0. The issue is a Scheduler browsing restriction bypass that may let an authenticated user view Scheduler data. Impact: information disclosure by a logged-in user. Remediation: update Cybozu Garoon to the latest version per vendor guidance. (Public s...
CVE-2024-31400
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded mail...
CVE-2024-31400
Cybozu Garoon 5.0.0–5.15.0 contains an information-disclosure vulnerability where sensitive data can be left in forwarded mail (CVE-2024-31400). Red Hat and other sources confirm the issue affects information sent via mail and can lead to unintended data exposure. The root cause is described as i...
CVE-2024-32811
CVE-2024-32811 affects the WordPress plugin USPS Shipping for WooCommerce – Live Rates by Octolize. It exposes sensitive information via log files when logging data (Insertion of Sensitive Information into Log File). Affected versions are from n/a through 1.9.4. CVSS v3.1 base score 5.3 (Network,...
Golang < 1.21.11, 1.22.x < 1.22.4 Multiple Vulnerabilities
The version of Golang running on the remote host is prior to 1.21.11 or 1.22.x prior to 1.22.4. It is, therefore, is affected by multiple vulnerabilities: - archive/zip: mishandling of corrupt central directory record allows for the insertion of code and contents depending on the implementation...
CVE-2024-24192
robdns commit d76d2e6 was discovered to contain a heap overflow via the component block-filename at /src/zonefile-insertion.c...
CVE-2024-24195
robdns commit d76d2e6 was discovered to contain a misaligned address at /src/zonefile-insertion.c...