14 matches found
Security update for zabbix
This update for zabbix fixes the following issues: CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. bsc1233834 CVE-2024-22117: Fixed a bug that can cause the map element to crash when new URLs are added. bsc1233791 Patch Instructions: To install this SUSE update use the...
PT-2025-32264
Name of the Vulnerable Software and Affected Versions OpenVPN Access Server affected versions not specified Description The vulnerability allows an attacker to perform JavaScript injection via the SAML relaystate. This could potentially lead to Remote Code Execution RCE. Recommendations At the...
CVE-2022-3284
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-4862
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
Design/Logic Flaw
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
Information disclosure
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
CVE-2022-3284 Insecure way of passing a download key
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284 Insecure way of passing a download key
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284
CVE-2022-3284 affects M-Files New Web versions prior to 22.11.12011.0, where the download key for a vault file was passed insecurely and could be logged. Multiple sources (NVD, Red Hat, PRION, CNNVD, PT-Security) corroborate this issue and specify impact to confidentiality (high) with no integrit...
PT-2023-15884
Name of the Vulnerable Software and Affected Versions M-Files Web versions prior to 22.12.12140.3 M-Files New Web versions prior to 22.12.12140.3 Description The issue allows rendering of HTML provided by another authenticated user in the browser, which can lead to the theft of user sensitive...
PT-2023-13204
Name of the Vulnerable Software and Affected Versions M-Files New Web versions prior to 22.11.12011.0 Description The download key for a file in a vault was passed in an insecure manner, making it easily loggable. This issue may potentially affect a significant number of devices worldwide, althou...
Security update 1970-01-01
...