69 matches found
CVE-2025-21540
...
CVE-2024-42331
In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...
CVE-2024-24970
Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...
CVE-2024-29080
Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...
CVE-2023-41826
A PendingIntent hijacking vulnerability in Motorola Device Help Genie application that could allow local attackers to access files or interact with non-exported software components without permission...
CVE-2024-33767
lunasvg v2.3.9 was discovered to contain a segmentation violation via the component compositionsolidsource...
Xuxueli xxl-job template injection vulnerability
A vulnerability classified as problematic was found in Xuxueli xxl-job version 2.4.0. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed ...
Security Bulletin: IBM Security Verify Governance - Identity Manager, Software component has multiple vulnerabilities
Summary Multiple security vulnerabilities have been addressed in IBM Security Verify Governance - Identity Manager, Software component. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...
CVE-2024-25417
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/addtranslation.php...
CVE-2023-49462
libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc...
Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to spoofing when using Web Server Plug-ins
Summary IBM Security Verify Governance uses IBM WebSphere Application Server .The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: IBM Security Verify Governance, Identity Manager software component ships IBM WebSphere Application Server, which is vulnerable to cross site scripting
Summary IBM WebSphere Application Server WAS is shipped with IBM Security Verify Governance, Identity Manager software component SVGSS. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to t...
Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console
Summary IBM Security Verify Governance uses IBM WebSphere Application Server. The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
The hardware-software component of WebAdmin is vulnerable to cyber threats from Sophos SG UTM (Unified Thread Management), allowing attackers to execute arbitrary commands.
The vulnerability of the WebAdmin component in the hardware-software security system for handling network threats, Sophos SG UTM Unified Thread Management, is related to the failure to take measures to neutralize specific elements used in operating system processes. Exploiting this vulnerability...
K17248: OpenSSL vulnerability CVE-2010-0742
Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...
Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager software component
Summary IBM Security Verify Governance, Identity Manager software component has addressed the following vulnerabilities Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Security...
CVE-2022-35166
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal...
CVE-2021-3922
A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe...
Incorrect Access Control in Ignition
The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control...
ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...