613 matches found
CVE-2024-21864
CVE-2024-21864 affects Intel Arc and Iris Xe Graphics software prior to version 31.0.101.5081. The underlying issue is improper neutralization in the graphics software, which could allow an unauthenticated user to escalate privileges via adjacent network access. Affected products are Intel Arc an...
Intel Arc 和 Iris Xe 安全漏洞
Intel Iris Xe and Intel Arc are both products of Intel Corporation, the United States of America.Intel Iris Xe is a display chip that is integrated inside a central processor.Intel Arc is a family of graphics cards. A security vulnerability previously existed in Intel Arc and Iris Xe version...
Intel Arc & Iris Xe Graphics Software Advisory - Lenovo Support US
No description provided...
Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
Intel® Arc™ & Iris® Xe Graphics Software Advisory
Summary: Potential security vulnerabilitiy in some Intel® Arc™ & Iris® Xe Graphics software may allow escalation of privilege. Intel is releasing updates to mitigate these potential vulnerability. Vulnerability Details: CVEID: CVE-2024-21864 Description: Improper neutralization in some Intel® Arc...
CVE-2024-25624 iris-web vulnerable to Server Side Template Injection in reports
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection SSTI. Successful exploitation of the vulnerability c...
CVE-2024-25624
CVE-2024-25624 affects Iris (iris-web) and is due to improper Jinja2 environment setup causing Server Side Template Injection (SSTI). An authenticated administrator must upload a crafted report template; when a weaponized report is generated, any user can trigger the vulnerability, potentially le...
CVE-2024-25624 iris-web vulnerable to Server Side Template Injection in reports
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection SSTI. Successful exploitation of the vulnerability c...
CVE-2024-25624 iris-web vulnerable to Server Side Template Injection in reports
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection SSTI. Successful exploitation of the vulnerability c...
PT-2024-21044 · Iris · Iris
Name of the Vulnerable Software and Affected Versions: Iris versions prior to 2.4.6 Description: Iris is a web collaborative platform that helps incident responders share technical details during investigations. Due to an improper setup of the Jinja2 environment, reports generation in iris-web is...
Iris 代码注入漏洞
Iris is a fast, simple but fully featured and very efficient Go web framework. A security vulnerability exists in Iris versions prior to v2.4.6, which stems from an improperly configured environment that is susceptible to server-side template injection SSTI, and successful exploitation of which c...
CVE-2024-25640
Iris is a web collaborative platform that helps incident responders share technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.4.0. The vulnerability may allow an attacker to...
Cross site scripting
Iris is a web collaborative platform that helps incident responders share technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.4.0. The vulnerability may allow an attacker to...
CVE-2024-25640 Improper Neutralization of Alternate XSS Syntax in iris-web
Iris is a web collaborative platform that helps incident responders share technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.4.0. The vulnerability may allow an attacker to...
CVE-2024-25640 Improper Neutralization of Alternate XSS Syntax in iris-web
Iris is a web collaborative platform that helps incident responders share technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.4.0. The vulnerability may allow an attacker to...
CVE-2024-25640
CVE-2024-25640 affects iris-web prior to version 2.4.0, where a stored XSS flaw exists at multiple locations. The underlying issue allows an authenticated attacker to inject scripts that execute when a user visits affected pages. Impact is consistent with XSS exposure leading to potential data ac...
PT-2024-21061 · Iris-Web · Iris-Web
Name of the Vulnerable Software and Affected Versions: iris-web versions prior to 2.4.0 Description: A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations. The vulnerability may allow an attacker to inject malicious scripts into the...
Iris Security Breach
Iris is a fast, simple, yet full-featured and very efficient Go networking framework. A security vulnerability exists in Iris versions prior to v2.4.0. An attacker exploiting this vulnerability could inject malicious script into an application, which could lead to unauthorized access, data theft,...
Malicious code in iris-front-test-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ed1b8ea683be3ab1a06938511d841bfbd293b36b9a8bcccedd6d794a2af3f85 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-50712
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attack...