1440 matches found
VulnCheck KEV: CVE-2000-0325
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability...
CVE-2024-3347
A vulnerability was found in SourceCodester Airline Ticket Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file activatejetdetailsformhandler.php. The manipulation of the argument jetid leads to sql injection. The attack may be initiated...
PT-2024-25274 · Sourcecodester · Sourcecodester Airline Ticket Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Airline Ticket Reservation System version 1.0 Description: A critical issue affects the processing of the file activate jet details form handler.php, where the manipulation of the jet id argument leads to sql injection. The...
SourceCodester Airline Ticket Reservation System SQL注入漏洞
Airline Ticket Reservation System is a ticket reservation system. A SQL injection vulnerability exists in SourceCodester Airline Ticket Reservation System version 1.0, which is caused by a SQL injection vulnerability in the jetid parameter of the activatejetdetailsformhandler.php file...
GitHub: Source Code and data exfiltration via Github Copilot
The vulnerability was caused by insecure output handling in the Copilot client interfaces. A prompt injection attack was able to result in data exfiltration. The vulnerability was addressed by only rendering images from trusted domains and adding interstitial modals to inform users about link...
Hazelcast Platform permission checking in CSV File Source connector
Impact In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem. Patches Fix...
Anduril’s New Drone Killer Is Locked on to AI-Powered Warfare
Autonomous drones are rapidly changing combat. Anduril’s new one aims to gain an edge with jet power and AI...
Siemens JT2GO 安全漏洞
Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A type confusion vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code in the...
jet-nassau.com Cross Site Scripting vulnerability OBB-3657346
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jet-sea.ca Cross Site Scripting vulnerability OBB-3503779
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hazelcast: Hazelcast connection caching
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
jet-line.co.jp Cross Site Scripting vulnerability OBB-3286611
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hazelcast: Hazelcast connection caching
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
hazelcast: Hazelcast connection caching
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
CVE-2022-36437
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
Design/Logic Flaw
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...
CVE-2022-36437
CVE-2022-36437 pertains to Hazelcast and Hazelcast Jet where the Connection handler can be exploited by a remote unauthenticated attacker to access and manipulate data in the cluster using another authenticated connection’s identity. Affected Hazelcast versions: up to 4.0.6, 4.1.9, 4.2.5, 5.0.3, ...
Hazelcast 授权问题漏洞
Hazelcast Hazelcast IMDG is a set of scalable open source data distribution platform of the U.S. Hazelcast company . The platform supports a variety of distributed data structures, distributed caching and other features. A security vulnerability exists in Hazelcast and Hazelcast Jet that stems fr...