8 matches found
CVE-2024-53983
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
Backstage 代码问题漏洞
Backstage is a Backstage open source application. Backstage is an open platform for building developer portals. Backstage has a code issue vulnerability that stems from the ability to perform Git configuration injection using server-side template injection, allowing an attacker to capture...
CVE-2024-25702
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScri...
PT-2022-27846 · Rackn · Rackn Digital Rebar
Name of the Vulnerable Software and Affected Versions: RackN Digital Rebar versions 4.6.14 and earlier RackN Digital Rebar versions 4.7 through 4.7.22 RackN Digital Rebar versions 4.8 through 4.8.5 RackN Digital Rebar versions 4.9 through 4.9.12 RackN Digital Rebar versions 4.10 through 4.10.8...
CVE-2021-3495
An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. This flaw allows an attacker with a basic level of access to the cluster to deploy a kiali operand to use this vulnerability and deploy a given image to anywhere in the cluster, potential...
PT-2021-20792 · Unknown · Kiali-Operator
Name of the Vulnerable Software and Affected Versions: kiali-operator versions prior to 1.33.0 kiali-operator versions prior to 1.24.7 Description: An incorrect access control flaw was found in the kiali-operator. This flaw allows an attacker with a basic level of access to the cluster to deploy ...
CVE-2016-4306
Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...
CVE-2016-4306
Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses...