170 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-26785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a create function statement...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.5.7 and prior 10.5.x, 9.11.16 and prior 9.11.x. The vulnerability stems from a failure to negotiate a new token when accepting an invitation,...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 10.5.5 and prior 10.5.x, 9.11.15 and prior 9.11.x, 10.8.0 and prior 10.8.x, 10.7.2 and prior 10.7.x, and 10.6.5 and prior 10.6.x, which stems from an...
IBM webMethods Integration 安全漏洞
IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines IBM. A security vulnerability exists in IBM webMethods Integration versions 10.5, 10.7, 10.11, and 10.15, which stems from improper permissions when dealing with external entities, which could result in...
CVE-2024-3891
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML tags in widgets in all versions up to, and including, 3.10.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-49559
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...
PT-2024-29556 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is a denial of service, where the server may crash under certain conditions with a specially crafted query. Recommendations:...
SUSE CVE-2023-26785
MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...
MariaDB 安全漏洞
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A remote code execution vulnerability exists in MariaDB version 10.5, and no detailed vulnerability details are currently available...
PT-2024-4311 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to a denial of service that may occur when a specially crafted query is used on certain columnar tables by an...
PT-2024-4310 · Ibm · Db2 Connect Server +1
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to the management of database systems, specifically IBM DB2 and IBM DB2 Connect Server, which are vulnerable to...
SUSE CVE-2024-27834
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...
UBUNTU-CVE-2024-27834
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...
PT-2024-8647 · Apple · Macos Sonoma +4
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.5 iPadOS versions prior to 17.5 watchOS versions prior to 10.5 macOS Sonoma versions prior to 14.5 Description: A path handling issue was addressed with improved validation, which may allow a remote attacker to gain...
CVE-2023-49101
WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates...
Scalefusion kiosk security vulnerability
ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in the Scalefusion kiosk version 10.5.2, which stems from the ability to use Alt-F4, resulting in the inability to properly restrict users from using the Edge...
CVE-2023-38003
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214...
CVE-2023-40692
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807...
PT-2023-7698 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue exists due to insufficient input validation in the system, allowing a remote attacker to cause a denial of service using a...
PT-2023-6955 · Crushftp · Crushftp
Name of the Vulnerable Software and Affected Versions: CrushFTP versions prior to 10.5.1 Description: The issue is related to errors in handling input data in the Object Attribute Handler component of the CrushFTP cross-platform FTP server. Exploitation of this issue may allow a remote attacker t...