19 matches found
MiracleLinux 4 : jakarta-taglibs-standard-1.1.1-11.7.0.1.AXS4 (AXSA:2015-477:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-477:01 advisory. This package contains Jakarta Taglibs's open-source implementation of the JSP Standard Tag Library JSTL, version 1.1. JSTL is a standard under the Java...
CVE-2025-14614 Quartus® Prime Standard and Quartus® Prime Lite Security Advisory
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer SFX on Windows, Altera Quartus Prime Lite Installer SFX on Windows allows Explore for Predictable Temporary File Names. This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1...
PT-2025-50586
QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability, which may allow a user who can log in to a Windows system with the affected product to gain administrator privileges. As a result, sensitive information may be accessed or altered, and arbitrary...
EUVD-2017-1592
Malware in sbrugna...
CVE-2017-1000465
Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting within the page creation page, which can result in disruption of service and execution of JavaScript code...
PT-2024-27029 · Faronics · Winselect
Name of the Vulnerable Software and Affected Versions: Faronics WINSelect Standard + Enterprise (affected versions not specified). Description: The application saves its configuration in an encrypted file on the file system, which "Everyone" has read and write access to. The paths to the configurati...
Information leakage vulnerability in the standard version of PHPEMS online simulation test system of Xinxiang City Falling Pen Thousand Words Network Technology Co.
PHPEMS online mock exam system is developed based on PHP+Mysql and supports multiple question types and presentation methods. The standard version of PHPEMS Online Mock Exam System of Xinxiang Falling Words Network Technology Co., Ltd. has an information leakage vulnerability, which can be...
OS Command Injection
standard-version is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands on the system due to passing of untrusted user input without validation through the exec function...
@ahanapediatrics/ahana-fp (>=1.0.6 <=2.3.1), @ahanapediatrics/react-volume-meter (=3.0.0) +269 more potentially affected by unknown CVE via standard-version (>=2.4.0 <=8.0.0)
standard-version NPM version =2.4.0, =1.0.6, =0.0.2, =0.2.3-alpha.0, =1.4.10, =1.0.0, =1.0.1, =0.0.3, =1.1.0, =1.0.1, =1.0.0, =1.1.0 - @cemderin/battle-calculator =0.0.0 - @cemderin/react-data-editor =0.0.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-7XCX-6WJH-7XP2...
GHSA-7XCX-6WJH-7XP2 Command Injection in standard-version
GitHub Security Lab (GHSL) Vulnerability Report: GHSL-2020-111. The GitHub Security Lab team has identified a potential security vulnerability in standard-version. Summary: The standardVersion function has a command injection vulnerability. Clients of the standard-version library are unlikely to be...
Update Rollup 3 for Windows MultiPoint Server 2012
Update Rollup 3 for Windows MultiPoint Server 2012. Summary: This article describes Update Rollup 3 for Windows MultiPoint Server 2012. This update rollup resolves issues that were found in Windows MultiPoint Server 2012 after the software was released. This update rollup is highly recommended for...
PT-2019-17000 · Ibm · Daeja Viewone Standard +2
Name of the Vulnerable Software and Affected Versions: IBM Daeja ViewONE Professional, Standard & Virtual versions 5.0 through 5.0.5. Description: The issue allows an unauthorized user to download server files, resulting in sensitive information disclosure. Recommendations: For IBM Daeja ViewONE...
IBM Daeja ViewONE Information Disclosure Vulnerability
IBM Daeja ViewONE is a document viewer from IBM that supports TIFF, PDF and Office-based documents. IBM Daeja ViewONE Virtual, Daeja ViewONE Standard and Daeja ViewONE Professional are different versions...
Cross-site scripting vulnerability in Access Analyzer CGI by futomi's CGI Cafe
Overview: Access Analyzer CGI from futomi's CGI Cafe contains a cross-site scripting vulnerability. This is caused by a particular method in which tags are embedded into the web page. Access Analyzer CGI provided by futomi's CGI Cafe is software for analyzing web access logs. Access Analyzer CGI...
JVN#35605523: Cross-site scripting vulnerability in Access Analyzer CGI by futomi's CGI Cafe
Access Analyzer CGI provided by futomi's CGI Cafe is software for analyzing web access logs. Access Analyzer CGI contains a cross-site scripting vulnerability. This is caused by a particular method in which tags are embedded into the web page. Impact: An arbitrary script may be executed on the user...
JVN#07468800 Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe
Access Analyzer CGI provided by futomi's CGI Cafe is software for analyzing web access logs. Access Analyzer CGI contains a predictable session ID vulnerability. Impact: A remote attacker could impersonate an administrator of Access Analyzer CGI. As a result, a remote attacker could view access...
LocalWEB2000 2.1.0 Standard - File Disclosure
LocalWEB2000 2.1.0 Standard - File Disclosure. Source: https://www.securityfocus.com/bid/4820/info. A vulnerability exists in LocalWEB2000 related to content password protection. It is possible to have LocalWEB2000 treat files as unprotected by requesting them as files within the '.' current...
Virtual Server 2005 RTM Standard ENG
...