6 matches found
CVE-2024-52509
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send the files to themselves and then download them from their mail clients...
PT-2025-22465 · Microsoft +3 · Windows +4
Name of the Vulnerable Software and Affected Versions: Tridium Niagara Framework versions prior to 4.14.2, prior to 4.15.1, prior to 4.10.11 Tridium Niagara Enterprise Security versions prior to 4.14.2, prior to 4.15.1, prior to 4.10.11 Description: The issue affects Tridium Niagara Framework and...
PT-2023-31049 · Unknown +3 · Carrierwave +3
Name of the Vulnerable Software and Affected Versions: CarrierWave versions prior to 2.2.5 CarrierWave versions prior to 3.0.5 Description: The issue is related to a Content-Type allowlist bypass vulnerability in CarrierWave, which could lead to XSS attacks. The allowlisted_content_type? function...
PT-2023-16571 · Opennms · Opennms Meridian +1
Name of the Vulnerable Software and Affected Versions: OpenNMS Meridian versions prior to 2023.1.0 OpenNMS Horizon versions prior to 31.0.4 Description: Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages could allow an attacker access to confidential session...
PT-2022-10193 · Apache · Apache Hadoop
Name of the Vulnerable Software and Affected Versions: Apache Hadoop versions 2.2.0 through 2.10.1 Apache Hadoop versions 3.0.0-alpha1 through 3.1.4 Apache Hadoop versions 3.2.0 through 3.2.2 Apache Hadoop versions 3.3.0 through 3.3.1 Description: A user who can escalate to yarn user can possibly...
PT-2016-3367
Name of the Vulnerable Software and Affected Versions Pivotal Spring Framework versions prior to 6.0.0 Pivotal Spring Framework versions 4.2.6 and 3.2.17 Pivotal Spring Framework versions 5.3.0 through 5.3.16 Description The issue is related to the implementation of the readRemoteInvocation metho...