2424 matches found
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1346)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerability issues affect IBM Spectrum Conductor 2.5.0
Summary This interim fix provides instructions on upgrading third parity libraries in IBM Spectrum Conductor 2.5.0 in order to address security vulnerabilities CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2019-17359, CVE-2019-8331, CVE-2018-1000632, CVE-2018-10237,...
Regular Expression Denial of Service
Overview The GitHub Security Lab team has identified potential security vulnerabilities in jquery-validation. The project contains one or more regular expressions that are vulnerable to ReDoS Regular Expression Denial of Service Recommendation Upgrade to fixed version 1.19.3 or later References -...
Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251
Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023, CVE-2020-11022, and CVE-2015-9251. Affected Version/s: 4.0.3, 4.1.1 Fixed Version/s: 4.1.2, 4.0.4, 4.2.0...
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023 & CVE-2020-11022. Affected Version/s: 4.0.3, 4.1.1 Fixed Version/s: 4.1.2, 4.0.4, 4.2.0...
[R1] Nessus Network Monitor 5.13.0 Fixes One Third-party Vulnerability
Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components jQuery was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opt...
AZL-44655 CVE-2021-23337 affecting package js-jquery 3.5.0-4
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function...
AZL-44085 CVE-2020-28500 affecting package js-jquery 3.5.0-4
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions...
Security Bulletin: A security vulnerability has been idenfied in jQuery which affects DataQuant for z/OS (CVE-2019-11358)
Summary A security vulnerability has been identified in jQuery that could affect DataQuant for z/OS. Vulnerability Details CVEID: CVE-2019-11358 CVSS Base Score: 6.1 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with known vulnerabilities (CVE-2020-11023, CVE-2020-11022)
Summary The web server in IBM Security Verify Information Queue ISIQ uses an older version of the jQuery package that has two cross-site scripting vulnerabilities. As of v10.0.0, ISIQ has upgraded to a newer, secure version of jQuery. Vulnerability Details CVEID: CVE-2020-11023 DESCRIPTION: jQuer...
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting XSS vulnerabilities. The affected versions are...
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting XSS vulnerabilities. The affected versions are...
jQuery UI 1.12.1 - Denial of Service (DoS)
Exploit Title: jQuery UI 1.12.1 - Denial of Service DoS Date: 20 Jan, 2021 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://jqueryui.com/ Software Link: https://jqueryui.com/download/ Version: DoS - jQuery UI 1.12.1 DoS - jQuery UI 1.12.1 Exploit PoC by Rafael Cintra Lopes function...
jQuery UI 1.12.1 - Denial of Service Exploit
Exploit Title: jQuery UI 1.12.1 - Denial of Service DoS Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://jqueryui.com/ Software Link: https://jqueryui.com/download/ Version: DoS - jQuery UI 1.12.1 DoS - jQuery UI 1.12.1 Exploit PoC by Rafael Cintra Lopes function exploit for var i = 0...
jQuery UI 1.12.1 Denial Of Service
Exploit Title: jQuery UI 1.12.1 - Denial of Service DoS Date: 20 Jan, 2021 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://jqueryui.com/ Software Link: https://jqueryui.com/download/ Version: DoS - jQuery UI 1.12.1 DoS - jQuery UI 1.12.1 Exploit PoC by Rafael Cintra Lopes function...
Exploit for CVE-2020-28488
CVE-2020-28488 Denial of Service DoS - jQuery UI 1.12.1 - Ex...
Openjs jquery-ui Resource Management Error Vulnerability
Openjs Jquery Ui is a code library from the Openjs Foundation for creating interactive user interfaces based on the Javascript language. A resource management error vulnerability exists in jquery-ui that originates from a browser and application crash when a "dialog" is injected multiple times in...
VulnCheck KEV: CVE-2020-11023
JQuery contains a persistent cross-site scripting XSS vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser...
VulnCheck KEV: CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype...
VulnCheck KEV: CVE-2015-9251
jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...