Fedora: Security Advisory for js-jquery-ui (FEDORA-2022-22d8ba36d0)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Malicious code in jquery_ui_checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ec7cbc825e540dca6a67d1370e8c9d0cd6d3d116fce5c6fdc5f33f0a66aa780 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in jquery_ui_checkbowwx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 355813cd2a93a9e682c5c08d18c2a94a88961692b4d92bb41d931a48b70fcfb3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Dell Wyse Management Suite < 3.7 Multiple Vulnerabilities (DSA-2022-143)

The version of Dell Wyse Management Suite installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the DSA-2022-143 advisory. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of t...

Tenable Nessus 10.x < 10.4.0 Multiple Vulnerabilities (TNS-2022-21)

According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.0. It is, therefore, affected by multiple vulnerabilities, including: - An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially...

[R2] Nessus Version 10.4.0 Fixes Multiple Vulnerabilities

R2 Nessus Version 10.4.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 10/27/2022 - 10:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components select2.js, jQuery UI were found to contain vulnerabilities, and updated versions have...

jQuery UI Cross-site Scripting (CVE-2016-7103)

A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Security Bulletin: API Connect is vulnerable to JQuery-UI Cross-Site Scripting (XSS) (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)

Summary A vulnerable version of JQuery-UI was used by API Connect. The fix includes updated JQuery-UI which addresses CVE-2021-41184, CVE-2021-41183, and CVE-2021-41182. Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by...

jQuery UI Cross-site Scripting (CVE-2021-41184)

A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Security Bulletin: JQuery UI shipped with IBM Tivoli Netcool Impact is vulnerable to XSS (CVE-2022-31160)

Summary JQuery UI is used by IBM Tivoli Netcool Impact as part of its UI framework. Information about a security vulnerability affecting JQuery UI has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting,...

Security Bulletin: IBM Robotic Process Automation is vulnerable to cross site scripting due to jquery-ui (CVE-2022-31160)

Summary jquery-ui is used by IBM Robotic Process Automation as part of the RPA Dashboard. CVE-2022-31160 Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A...

Security Bulletin: Vulnerabilities in Golang Go, PostgreSQL, jQuery, and Google Gson may affect IBM Spectrum Copy Data Management

Summary Vulnerabilities in Golang Go, PostgreSQL, jQuery, and Google Gson such as denial of service, bypassing security restrictions, obtaining sensitive information, cross-site scripting, and execution of arbitrary code may affect IBM Spectrum Copy Data Management. Vulnerability Details...

USN-5181-1: jQuery UI vulnerability

It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. CVE-2021-41184 It was discovered that jQuery U...

USN-5181-1 jqueryui vulnerability

It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. CVE-2021-41184 It was discovered that jQuery U...

Security Bulletin: IBM Aspera Faspex 4.4.2 has addressed multiple security vulnerabilities

Summary This security bulletin addresses multiple security vulnerabilities that have been remediated in IBM Aspera Faspex 4.4.2. Vulnerability Details CVEID:CVE-2021-39275 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the apescapequotes...

jQuery UI Checkboxradio - Moderately critical - Cross site scripting - SA-CONTRIB-2022-052

jQuery UI is a third-party library used by Drupal. The jQuery UI Checkboxradio module provides the jQuery UI Checkboxradio library which was previously in Drupal 8 core, but has since been removed from core and moved to this module. As part of the jQuery UI 1.13.2 update, the jQuery UI project...

Security Bulletin: Multiple vulnerabilities in Jquery-Ui, highcharts, and datatables are affecting QRadar User Behavior Analytics (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-23445, CVE-2021-29489)

Summary There are vulnerabilities in third party packages JQuery-UI, Highcharts, datatables.net affecting User Behavior AnayticsUBA. UBA has been updated to the latest versions of these packages to address these vulnerabilities. Vulnerability Details CVEID:CVE-2021-41182 DESCRIPTION: jQuery...

JQuery UI < 1.13.2 XSS

The version of JQuery UI library hosted on the remote web server is prior to 1.13.2. It is, therefore, affected by a cross-site scripting vulnerability in the JQuery UI that allows remote attackers to inject arbitrary web script or HTML via processing the value of a compromised checkboxradio...

CVE-2022-31160

A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, leading to the parent label contents being considered as the input label...

CVE-2022-31160

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...