11235 matches found
SAP NetWeaver 跨站脚本漏洞
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform mainly for SAP applications to provide development and runtime environment. A cross-site scripting vulnerability exists in SAP NetWeaver Knowledge Management XMLEditor, which stems...
PT-2024-26105 · Sap · Sap Netweaver Knowledge Management Xmleditor
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Knowledge Management XMLEditor affected versions not specified Description: The issue is due to weak encoding of user-controlled input in the SAP NetWeaver Knowledge Management XMLEditor, allowing malicious scripts to be execute...
CVE-2024-6229
A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever an...
CVE-2024-6229
A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever an...
CVE-2024-6229 Stored XSS in stangirard/quivr
A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever an...
CVE-2024-6229 Stored XSS in stangirard/quivr
A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever an...
CVE-2024-6229
CVE-2024-6229 is a stored XSS vulnerability in stangirard/quivr’s Upload Knowledge feature. An attacker can upload a URL-based file containing malicious JavaScript, which is stored on the server and executed when users click the payload-containing link, potentially enabling data theft and session...
Quivr Cross-Site Scripting Vulnerability
Quivr is an Artificial Intelligence application from Quivr Open Source. A cross-site scripting vulnerability exists in Quivr that stems from a stored cross-site scripting XSS vulnerability in the Upload Knowledge feature. An attacker exploiting this vulnerability could upload a file via a URL,...
PT-2024-37468 · Quivr · Quivr
Name of the Vulnerable Software and Affected Versions: stangirard/quivr version latest Description: A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads...
CVE-2024-38533 ZKsync Era invalid stack addressing conversion
ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0...
CVE-2024-38533
The CVE-2024-38533 entry concerns ZKsync Era, a Layer 2 rollup for Ethereum. The issue is an invalid stack access caused by addresses used to access the stack not being properly converted to cells. Affected versions are prior to 1.5.0; the vulnerability is mitigated by upgrading to version 1.5.0....
CVE-2024-38533 ZKsync Era invalid stack addressing conversion
ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0...
CVE-2024-38533 ZKsync Era invalid stack addressing conversion
ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0...
Malicious code in knowledge-admin (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2582 Malicious code in knowledge-admin (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2161 Malicious code in down_load_ebook_como_elaborar_cerveza_casera_by_knowledge_treasure_collection_rqwqo (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in down_load_ebook_como_elaborar_cerveza_casera_by_knowledge_treasure_collection_rqwqo (npm)
--- -= Per source details. Do not edit below this line.=-...
Veeam Kasten for Kubernetes - vSphere Block Mode Exports Failure With Error 14009
Challenge During vSphere block mode export, in certain situations, it might be observed that the folders/objects get created in the storage bucket. However, the export job remains stuck, and the following error message is seen in the debug logs: "Open virtual disk file failed. The error code is...
Backup Failing With `Too many snapshots` When Using Longhorn as a Storage Provisioner
Challenge Veeam Kasten for Kubernetes backup action for longhorn volumes fails with the error message: too many snapshots created Cause When integrating with CSI-based volumes, Veeam Kasten for Kubernetes employs VolumeSnapshot resources to create snapshots during backup operations. With Longhorn...
2024-06 Cumulative Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5039227)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...