PT-2023-22643 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions =2.0.44 Description: Reflected XSS affects the mode parameter in the "/admin" functionality of the web application. Recommendations: For versions =2.0.44, update to a version greater than 2.0.44 to resolve the issue. As a...
PT-2023-19295 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to v6 Description: An improper access control issue exists that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room. Recommendations: For versions prior t...
PT-2023-16504 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue is related to an improper validation of array index. This could allow an attacker to crash the server and remotely execute arbitrary code. Recommendations: At the moment, there ...
PT-2022-12946 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this issue may affect data confidentiality. Recommendations: At the moment, there is n...
PT-2022-18122 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.0.6 Description: When using tasks to read config files, there is a risk of database password disclosure. Recommendations: For versions prior to 2.0.6, upgrade to version 2.0.6 or higher...
PT-2022-25628 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions 16.0.1 through 16.0.2 Description: SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent...
PT-2022-26046 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.1.1 Description: The issue allows for denial of service attacks due to the Unmarshal function panicking on certain inputs. Recommendations: For versions prior to 2.1.1, update to version 2.1.1 to resolve the issu...
PT-2022-28229 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 0.43.3 SoftwareX versions 0.43.3 through 0.99 Description: The issue arises when a transaction contains a dep group with many cells, resulting in resources required to process it not being linear to the transaction...
PT-2022-26448 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.0.0-M9 Description: The issue allows an end-user to set the value of an editable string property of a domain object to a value that would be rendered unchanged when the value was saved. This enables the end-user ...
PT-2022-28257 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.2.1 Description: The issue is related to the default cookie name prefix, which was set to __Host instead of __Host-. This prefix is used for additional security to ensure the cookie came from the correct domain when ...
PT-2022-23652 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to SMR Sep-2022 Release 1 Description: The issue is related to an Improper Authorization vulnerability. It affects the setDualDARPolicyCmd function, allowing local attackers to cause a local permanent denial of servic...
PT-2022-17556 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 0.7.2 Description: A race condition can cause incorrect HTTP request routing. The issue affects the routing of some HTTP requests when using httpauth. Recommendations: For versions prior to 0.7.2, upgrade to versio...
PT-2021-23607 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 1.1.1 Description: Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least o...
PT-2020-16137 · Softwarex +1 · Softwarex +1
Name of the Vulnerable Software and Affected Versions: SoftwareX versions 3.5 through 3.5.13 SoftwareX versions 3.7 through 3.7.7 SoftwareX versions 3.8 through 3.8.4 SoftwareX versions 3.9 through 3.9.1 Description: The filter in the tag manager required extra sanitizing to prevent a reflected X...