
4991 matches found

CNVD
added 2024/10/17 12:0 a.m. · 1 views

JetBrains YouTrack Improper Access Control Vulnerability

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from an improp...

CVSS 5.4 · AI score 6.7 · EPSS 0.00003
Exploits 0 · References 1
Redos
added 2024/10/15 12:0 a.m. · 16 views

ROS-20241015-09

A vulnerability in the Golang programming language is related to the lack of value cleanup. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVSS 9.8 · AI score 8.1 · EPSS 0.00602
Exploits 0
Redos
added 2024/10/15 12:0 a.m. · 14 views

ROS-20241015-15

A vulnerability in the PHP programming language interpreter exists due to a failure to take measures to neutralize the special elements. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

CVSS 8.8 · AI score 7.8 · EPSS 0.02711
Exploits 5
CNNVD
added 2024/10/11 12:0 a.m. · 2 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab version 11.4 up to and including...

CVSS 4.3 · AI score 6.6 · EPSS 0.00087
Exploits 1 · References 4
Ubuntu
added 2024/10/10 12:55 p.m. · 20 views

USN-7061-1: Go vulnerabilities

Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. (CVE-2023-24531) Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not...

CVSS 9.8 · AI score 7.3 · EPSS 0.00924
Exploits 0
CNNVD
added 2024/10/10 12:0 a.m. · 1 views

JetBrains YouTrack Security Vulnerability

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from an improp...

CVSS 5.4 · AI score 6.5 · EPSS 0.00003
Exploits 0 · References 2
Tenable Nessus
added 2024/10/09 12:0 a.m. · 12 views

EulerOS 2.0 SP12 : openssl (EulerOS-SA-2024-2537)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory...

CVSS 9.1 · AI score 7.6 · EPSS 0.06873
Exploits 1 · References 2
CNNVD
added 2024/10/08 12:0 a.m. · 2 views

Microsoft Speech Application Programming Interface Resource Management Error Vulnerability

Microsoft Speech Application Programming Interface is a speech application programming interface from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Speech Application Programming Interface. An attacker could exploit this vulnerability to remotely execute...

CVSS 8.3 · AI score 6.4 · EPSS 0.00872
Exploits 0 · References 2
CNNVD
added 2024/10/07 12:0 a.m. · 2 views

VegaBird Vooki Security Vulnerability

VegaBird Vooki is a free web application vulnerability scanning tool from VegaBird Open Source that helps users to scan any web application and find vulnerabilities. Vooki consists of three main parts: a web application scanner, a Rest API scanner, and a reporting feature. VegaBird Vooki version...

CVSS 9.8 · AI score 7.7 · EPSS 0.00612
Exploits 1 · References 4
CNNVD
added 2024/10/04 12:0 a.m. · 1 views

MediaWiki Security Vulnerability

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from the fact that even though API...

CVSS 5.3 · AI score 6.7 · EPSS 0.00685
Exploits 1 · References 3
CNNVD
added 2024/10/04 12:0 a.m. · 2 views

Shilpi Client Dashboard Security Vulnerability

Shilpi Client Dashboard is a centralized dashboard from Shilpi. A security vulnerability exists in Shilpi Client Dashboard versions prior to 9.7.0 that stems from a lack of authorization to modify and cancel requests via certain API endpoints, which could result in unauthorized modification of...

CVSS 7.1 · AI score 6.4 · EPSS 0.00104
Exploits 0 · References 2
Positive Technologies
added 2024/10/04 12:0 a.m. · 3 views

PT-2024-32710 · Unknown · Shilpi Client Dashboard

Name of the Vulnerable Software and Affected Versions: Shilpi Client Dashboard (affected versions not specified). Description: This issue exists due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this by including multiple userid...

CVSS 7.1 · AI score 6.8 · EPSS 0.00145
Exploits 0 · References 9
Japan Vulnerability Notes
added 2024/10/03 4:42 a.m. · 1 views

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

Overview: Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bounds write (CWE-787) - CVE-2024-47134; Stack-based buffer overflow (CWE-121) - CVE-2024-47135; Out-of-bounds read (CWE-125) - CVE-2024-47136. Michael Heinzl reported...

CVSS 7.8 · AI score 7.7 · EPSS 0.00302
Exploits 0 · References 8
NVD
added 2024/10/03 3:15 a.m. · 8 views

CVE-2024-47136

Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...

CVSS 7.8 · EPSS 0.00302
Exploits 0 · References 3
NVD
added 2024/10/03 3:15 a.m. · 6 views

CVE-2024-47134

Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...

CVSS 7.8 · EPSS 0.00231
Exploits 0 · References 3
Vulnrichment
added 2024/10/03 2:54 a.m. · 14 views

CVE-2024-47136

Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...

CVSS 7.8 · AI score 7 · EPSS 0.00302
Exploits 0 · References 3
CVE
added 2024/10/03 2:54 a.m. · 50 views

CVE-2024-47136

CVE-2024-47136 is an out-of-bounds read vulnerability in Kostac PLC Programming Software (former Koyo) up to version 1.6.14.0. Opening a specially crafted KPP project file saved with version 1.6.9.0 or earlier can cause DoS, arbitrary code execution, or information disclosure due to parsing issue...

CVSS 7.8 · AI score 7.1 · EPSS 0.00302
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2024/10/03 2:53 a.m. · 13 views

CVE-2024-47135

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may...

CVSS 7.8 · AI score 7.6 · EPSS 0.00212
Exploits 0 · References 3
CVE
added 2024/10/03 2:53 a.m. · 51 views

CVE-2024-47134

Summary of CVE-2024-47134 and related advisories: Kostac PLC Programming Software (formerly Koyo PLC Programming Software)

CVSS 7.8 · AI score 7.2 · EPSS 0.00231
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2024/10/03 2:53 a.m. · 13 views

CVE-2024-47134

Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a...

CVSS 7.8 · AI score 7.1 · EPSS 0.00231
Exploits 0 · References 3