1495 matches found
Unauthorized Access
github.com/zitadel/zitadel is vulnerable to Unauthorized Access. The vulnerability is due to the failure of the system to properly invalidate deactivated user grants in the tokens, allowing users to retain access to applications and resources despite their deactivated status...
BELL-CVE-2024-46720
Bulletin has no description...
Citrix Workspace App 24.x SSON fails and ssonsvr.exe not running on client
SSON fails with CWA 2402 and 2405.10. The logon to a session stops at the "other user" screen. It is also noticed that the ssonsvr.exe process is not running on the client...
PYSEC-2024-77
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT WHERE’ clause containing Python code is run against a database created with the Weaviate engine,...
BELL-CVE-2024-45022
Bulletin has no description...
RUSTSEC-2024-0404 Unsoundness in anstream
When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...
CVE-2024-8411
A vulnerability was determined in ABCD ABCD2 up to 2.2.0-beta-1. Impacted is an unknown function of the file /buscarintegrada.php. Executing a manipulation of the argument SubExpresion can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly...
MAL-2024-8248 Malicious code in @diotoborg/dolores-esse-incidunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fadf757a78a3d33304058cbe320e85943fa5b28e2c052068c5f5f8d71c173d80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ASB-A-344620215
Bulletin has no description...
PT-2024-11709 · Adobe · Acrobat
Name of the Vulnerable Software and Affected Versions: Adobe Acrobat affected versions not specified Description: The issue concerns an information disclosure problem. However, the provided details indicate that the candidate number was issued in error and is not a valid vulnerability. Therefore,...
BELL-CVE-2024-43845
Bulletin has no description...
BELL-CVE-2024-43855
Bulletin has no description...
BELL-CVE-2024-43832
Bulletin has no description...
BELL-CVE-2024-43834
Bulletin has no description...
GO-2022-0281 Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman in github.com/containers/podman
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman in github.com/containers/podman...
PT-2024-8614 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A flaw was found in Moodle related to local file inclusion when restoring incorrect block backups. This issue may allow a remote attacker to access confidential data. The estimated number of...
Missing Release Of Resource After Effective Lifetime
github.com/apache/incubator-answer is vulnerable to Missing Release of Resource after Effective Lifetime. The vulnerability is due to improper handling of password reset links. An attacker can misuse or hijack the link by accessing it within its validity period, even after a new link has been...
WEM : Application shortcut display blank white icons
On the WEM Agent, custom application shortcut icons uploaded to the WEM Service are displaying as blank white icons...
BELL-CVE-2024-42230
Bulletin has no description...
BELL-CVE-2024-42128
Bulletin has no description...