3242 matches found
Inline SVG SQL injection vulnerability
Inline SVG is a library by individual developer James Martin. SVG documents are styled for use on the Web using CSS by adding classes to the document and embedding them in HTML. Inline SVG suffers from a SQL injection vulnerability that originates from an unknown section and operates to cause...
wing-tight security vulnerability
wing-tight is an application by individual developer aptic lava. A security vulnerability exists in wing-tight versions prior to 1.0.0, which stems from a problem in the unknown section of the file index.php, where manipulation of the parameter p results in a file inclusion...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Cross site scripting
PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users...
CVE-2022-40711
PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users...
PrimeKey EJBCA cross-site scripting vulnerability
PrimeKey EJBCA is a full-featured CA system software from PrimeKey Sweden. The software is used for domain certificate management, enrollment and enrollment-to-certificate validation, and other functions to achieve access security. A security vulnerability exists in PrimeKey EJBCA version 7.9.0.2...
PT-2023-13896 · Primekey · Primekey Ejbca
Name of the Vulnerable Software and Affected Versions: PrimeKey EJBCA version 7.9.0.2 Community. Description: The issue allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users. Recommendations: For PrimeKey EJBCA...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
CVE-2022-23516
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a...
Important: Red Hat Security Advisory: bcel security update
An update for bcel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
KLA20119 SB vulnerability in Microsoft Azure
A security vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories: CVE-2022-44699. Related products: Microsoft-Azure. CVE list: CVE-2022-44699 (high). KB list. Solution: Install necessary updates from the KB section, tha...
Team Members < 5.2.1 - Editor+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as editors to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup). 1. Go to the "Teams" section » add a new te...
Moderate: Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update
Openshift Logging Bug Fix Release 5.3.14. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (protobuf) security update
An update for protobuf is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (puppet-firewall) security update
An update for puppet-firewall is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Low: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-django-horizon) security update
An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.2.4 (Train) on Red Hat Enterprise Linux (RHEL) 8.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
CVE-2022-40918
Buffer overflow in firmware leweicam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links http://thiscomputer.com/...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
PT-2022-27471 · Libredwg · Libredwg
Name of the Vulnerable Software and Affected Versions: LibreDWG version 0.12.4.4643. Description: A heap buffer overflow issue was discovered in the decode_preR13_section_hdr function at decode_r11.c. This issue affects the specified version of LibreDWG. Recommendations: For LibreDWG version...