9 matches found
EUVD-2019-4913
Malware in sbrugna...
Design/Logic Flaw
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created...
Rapid7 Nexpose has an unspecified vulnerability (CNVD-2022-21218)
Rapid7 Nexpose is a set of vulnerability management software from Rapid7, Inc. that can use the scan results to deeply probe the network. The software supports scanning configuration environments for errors, vulnerabilities, malware, etc. Rapid7 Nexpose 6.6.129 and previous versions have a securi...
Cross-site Scripting (XSS)
pimcore/pimcore is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization of text-values in the getTranslationColumnRenderer function...
Pimcore Cross-Site Scripting Vulnerability (CNVD-2021-93906)
Pimcore is a comprehensive open source enterprise platform for master data management PIM/MDM, user experience management CMS/UX, digital asset management DAM, and e-commerce. cross-site scripting vulnerabilities exist in versions of Pimcore prior to 10.1.2. The vulnerability stems from text valu...
Improper Neutralization of Text-Values in Object Version Preview
Text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources...
GHSA-W6J8-JC36-X5Q9 Improper Neutralization of Text-Values in Object Version Preview
Text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources...
CVE-2019-13419
Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked...
CVE-2019-13419
Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked...