18 matches found
CVE-2026-52839
Easy!Appointments versions before 1.6.0 allow cross-provider appointment injection via unauthorized use of the store and update endpoints. The vulnerability arises because store/update do not verify that id_users_provider belongs to the current session, enabling a provider to add or reassign appo...
CLSA-2026-1772643333 Update of nss
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "ePKI Root Certification Authority" - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go...
CVE-2024-2998
A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...
EUVD-2024-27938
Malicious code in bioql PyPI...
CLSA-2025-1754680650 Update of nss
update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "certSIGN ROOT CA" - Certificate "ACCVRAIZ1" - Certificate "Entrust Root Certification Authority - G4" - Certificate "Security Communication ECC RootCA1" - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root...
CLSA-2024-1730910356 Update of nss
update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "OISTE WISeKey Global Root GC CA" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of...
DEBIAN-CVE-2024-42160
In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fsbuildfaultattr - It missed to check validation of fault attrs in parseoptions, let's fix to add check condition in f2fsbuildfaultattr. - Use f2fsbuildfaultattr in sbistore to clean up...
CVE-2024-2998
A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...
CVE-2024-2998 Bdtask Multi-Store Inventory Management System Store Update Page cross site scripting
A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...
CVE-2024-2998
The CVE-2024-2998 entry concerns the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability affects the Store Update Page where manipulating the Store Name/Store Address parameter can trigger cross-site scripting (XSS). The issue is described as exploitable remotely an...
PT-2024-23175 · Unknown · Bdtask Multi-Store Inventory Management System
Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A problematic issue was found in the Store Update Page component of the Bdtask Multi-Store Inventory Management System. The manipulation of the Store Name and...
Inventory Management System 跨站脚本漏洞
Inventory Management System is an inventory management system for stemword individual developers. A cross-site scripting vulnerability exists in Bdtask Multi-Store Inventory Management System 20240320 and prior versions, which stems from a cross-site scripting XSS vulnerability in the component...
CLSA-2024-1705940980 Update of ca-certificates
Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "Chambers of Commerce Root - 2008" - Certificate "E-Tugra Certification Authority" - Certificate "Global Chambersign Root - 2008" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...
CVE-2023-22942
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway SSG app in the ‘kvstoreclient’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request...
PT-2022-4714 · Hewlett Packard · Hp Support Assistant +1
Name of the Vulnerable Software and Affected Versions: HP Support Assistant version 9 Description: The issue is related to a DLL hijacking vulnerability in HP Support Assistant, which uses HP Performance Tune-up as a diagnostic tool. This vulnerability can be exploited by an attacker to elevate...
HOUSE GATE App for iOS vulnerable to directory traversal
Overview HOUSE GATE App for iOS provided by HOUSE GATE inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability CWE-22, CVE-2018-16202. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...
March 22, 2017—KB4016635 (OS Build 14393.970)
None None...
Documents Pro (formerly Files HD) vulnerable to directory traversal
Overview Documents Pro provided by Olive Toast Software Ltd. contains a directory traversal vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a directory traversal vulnerability. Keigo Yamazaki of LAC Co., Ltd reported...