Security Bulletin: vulnerability addressed in IBM Big Replicate LiveData Migrator 3.4

Summary The libraries affected include Aircompressor. Dependency packages are being used by IBM Big Replicate LiveData Migrator. This bulletin describes the upgrades necessary to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-36114 DESCRIPTION: Aircompressor is a library with...

Security Bulletin: Multiple vulnerabilities addressed in IBM Big Replicate LiveData Migrator 3.4

Summary Multiple vulnerabilities addressed in IBM Big Replicate LiveData Migrator 3.4. The libraries affected include tomcat-embed-core-9.0.108.jar Dependency packages are being used by IBM Big Replicate LiveData Migrator. This bulletin describes the upgrades necessary to address the...

MAL-2026-1373 Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23622be0c1860486eed767780c0a0de0a46b5b0a736cd99a08ecba95fd57c411 The package @sky-it-livedata-libraries/livedata-commons-client was found to contain malicious code. Source: ghsa-malware...

Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23622be0c1860486eed767780c0a0de0a46b5b0a736cd99a08ecba95fd57c411 The package @sky-it-livedata-libraries/livedata-commons-client was found to contain malicious code. Source: ghsa-malware...

Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1372 Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...

EUVD-2011-3949

Malware in sbrugna...

EUVD-2006-0067

Malware in sbrugna...

EUVD-2014-2388

Malware in sbrugna...

EUVD-2007-2483

Malware in sbrugna...

Exploit for CVE-2025-32429

CVE-2025-32429 XWiki SQL Injection PoC Author: Byte Reape...

Meteor 安全漏洞

Meteor is a JavaScript application platform open-sourced by Meteor. A security vulnerability exists in Meteor 3.2.1 and earlier versions, which stems from an insufficient regular expression complexity due to an incorrect operation of the function Object.assign on the parameter forwardedFor in the...

org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Basic Cross-site Scripting

Impact A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. For instance, by adding the LiveData below in the about section of the profile of a user created by an admin. javascript liveData id="movie...

GHSA-HMM7-6PH9-8JF2 org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Basic Cross-site Scripting

Impact A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. For instance, by adding the LiveData below in the about section of the profile of a user created by an admin. javascript liveData id="movie...

PT-2023-20672 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 12.10 through 14.4.6 XWiki Platform versions 13.10.9 and earlier XWiki Platform version 14.9 is not affected, but versions prior to 14.9 are vulnerable, however since 14.4.7 is a fixed version, we consider versions pri...

CVE-2014-2351

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests...

Sql injection

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests...

CVE-2014-2351 CSWorks SQL Injection

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests...

CVE-2014-2351

CSWorks software framework vulnerability (CVE-2014-2351) affects the CSWorks LiveData service before version 2.5.5233.0. The flaw arises from improper handling of data used to construct read/write paths in web API requests, enabling SQL injection. References indicate that remote attackers could p...

CVE-2011-3996

The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service service crash via crafted TCP packets...