18 matches found
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
EUVD-2022-53118
Malicious code in bioql PyPI...
com.liferay:com.liferay.calendar.service (>=2.2.0 <=2.5.7), com.liferay:com.liferay.document.library.service (>=1.0.0 <=2.0.6) +10 more potentially affected by CVE-2025-43804 via com.liferay:com.liferay.portal.search (>=1.0.0 <=8.0.113)
com.liferay:com.liferay.portal.search MAVEN version =1.0.0, =2.2.0, =1.0.0, =1.1.29, =1.1.0, =1.0.0, =1.0.10, =3.4.9, =1.0.0, =2.0.5, =1.0.0, =1.2.2, =2.1.2, =2.1.11 Source cves: CVE-2025-43804 Source advisory: OSV:GHSA-CCRC-5VP5-VP5J...
CVE-2024-58049
Huawei HarmonyOS is affected by CVE-2024-58049 in the media library module, where a permission verification/privilege-check weakness can lead to confidentiality leakage. The issue is described as a local, low-effort exploit with high confidentiality impact (per the CVE metrics). Public references...
PT-2024-36380 · Apple · Macos Sonoma +7
Name of the Vulnerable Software and Affected Versions: watchOS versions 11.2 and earlier tvOS versions 18.2 and earlier macOS Sequoia versions 15.2 and earlier iOS versions 18.2 and earlier iPadOS versions 18.2 and earlier macOS Ventura versions 13.7.2 and earlier macOS Sonoma versions 14.7.2 and...
Fedora 37 : apptainer (2023-01ff262091)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-01ff262091 advisory. Update to upstream 1.1.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...
Fedora 36 : apptainer (2023-677d58bb20)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-677d58bb20 advisory. Update to upstream 1.1.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...
GO-2023-1497 Leaked user credentials in github.com/sylabs/scs-library-client
When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectly leaked to an S3 backing storage provider...
CVE-2022-23538 User credentials leaked to third-party service via HTTP redirect in scs-library-client
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library service may be incorrectl...
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31698
The CVE-2022-31698 entry concerns VMware vCenter Server (and related ESXi components) with a denial-of-service in the content library service. According to the provided documents, a remote attacker who can access port 443 over the network can trigger a DoS by sending a specially crafted header, l...
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
PT-2022-5908 · Vmware · Vmware Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is related to a denial-of-service condition in the content library service of VMware vCenter Server. It can be triggered by a malicious actor with network access to...
com.liferay:com.liferay.document.library.service (>=1.0.0 <=2.0.8), com.liferay:com.liferay.dynamic.data.lists.service (>=1.0.0 <=1.1.48) +10 more potentially affected by CVE-2021-38268 via com.liferay:com.liferay.dynamic.data.mapping.service (>=1.0.0 <=2.2.0)
com.liferay:com.liferay.dynamic.data.mapping.service MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.5, =1.0.30 Source cves: CVE-2021-38268 Source advisory: OSV:GHSA-F855-2RVM-5J7H...
Libstar Intelligent Library Service Platform of Jiangsu Tuxing Software Technology Limited Liability Company suffers from logic flaw vulnerability
Libstar Intelligent Library Service Platform is a library management system that utilizes a service-oriented architecture framework. Libstar Intelligent Library Service Platform of Jiangsu Tuxing Software Technology Co., Ltd. has a logic flaw vulnerability that can be exploited by an attacker to...
ai.ylyue:yue-library-auth-client (>=j8.2.3.0 <=j11.2.3.3), ai.ylyue:yue-library-auth-service (>=j8.2.3.0 <=j11.2.3.3) +3893 more potentially affected by CVE-2020-5397 via org.springframework:spring-webmvc (>=5.2.0.RELEASE <=5.2.2.RELEASE)
org.springframework:spring-webmvc MAVEN version =5.2.0.RELEASE, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =2.3.0.RELEASE, =1.1.1, =1.0.0, =1.2.2.RELEASE, =1.2.2.RELEASE, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.12 and more Source cves: CVE-2020-5397 Source advisory: OSV:GHSA-7PM4-G2QJ-J85X...
QNAP QTS 4.2.x < 4.2.6 build 20170905, 4.3.x < 4.3.3 build 20170727 Command Injection Vulnerability
QNAP QTS is vulnerable to a command injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...