9 matches found
CVE-2022-30972
A cross-site request forgery CSRF vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file e.g., archived artifacts that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery...
CVE-2024-7384
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acymextractArchive function in all versions up to, and including, 9.7.2. This makes it possible fo...
PT-2024-38313 · WordPress · Acymailing
Name of the Vulnerable Software and Affected Versions: AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress versions up to, and including, 9.7.2 Description: The issue is related to arbitrary file uploads due to missing file type validation in the acym...
PT-2024-5370 · Ibm · Ibm Engineering Requirements Management Doors Web Access
Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management DOORS Web Access version 9.7.2.8 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. This could allow a remote attacker to expose sensitive...
CVE-2022-29721
creationtimestamp| type| source ---|---|--- 2022-05-26 16:14:08+00:00| seen| https://t.me/cibsecurity/43373...
CVE-2021-35236
The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted...
CVE-2021-36134
Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service DoS...
Foxit Reader and PhantomPDF Resource Management Error Vulnerability (CNVD-2020-32084)
Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2. The vulnerability can be exploited by an attacker to cause an application crash resource...
Foxit Reader and PhantomPDF Resource Management Error Vulnerability (CNVD-2020-32082)
Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A resource management error vulnerability exists in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2, which is caused by the execution of JavaScript code after a delete or clos...