6 matches found
Security Bulletin: vulerability in IBM Spectrum Symphony with IBM WebSphere Application Server Liberty
Summary vulerability in IBM Spectrum Symphony with IBM WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass...
Incorrect Behavior Order: Validate Before Canonicalize
Overview vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize through the server.fs.deny component. An attacker can access sensitive files by appending specific query parameters such as ?raw,...
EUVD-2025-163768
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2...
CVE-2025-64380
CVE-2025-64380 affects WordPress Booster for WooCommerce (woocommerce-jetpack) plugin, specifically versions up to and including 7.3.2. The root cause is improper input handling during web page generation, leading to a stored cross-site scripting (XSS) vulnerability. This means malicious script p...
Security Bulletin: vulerability in IBM Spectrum Symphony with spring webmvc
Summary vulerability in IBM Spectrum Symphony with spring webmvc Vulnerability Details CVEID:CVE-2024-38819 DESCRIPTION: Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HT...
Varnish Cache 安全漏洞
Varnish Cache is a suite of reverse web caching servers. A security vulnerability exists in Varnish Cache versions prior to 7.3.2 and 7.4.x prior to 7.4.3 and Varnish Enterprise versions prior to 6.0.12r6, which stems from a credit exhaustion that allows HTTP/2 connections to control the flow...