18 matches found
SeaCMS 安全漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.1, which stems from an information leak in the adminsafe.php component that could...
CVE-2022-24124
The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations...
License and ciphers are missing after upgrading to the latest version on 13.0 and 13.1
License and ciphers are missing after upgrade to the latest version on 13.0 and 13.1...
Netscaler nstcpdump timestamp shows as UTC+0 instead of device local time(e.g. GMT+9).
Starting from version 13.1, when the TCPDUMP command is executed in CLI, GMT+0 time is applied instead of GMT+9 time set in Netscaler. Nstrace is normally applied as GMT+9 time, but only TCPDUMP is applied as GMT+0...
Progress Software MOVEit Transfer 安全漏洞
Progress Software MOVEit Transfer is an automated file transfer software from Progress Software, USA. The software supports file transfers and provides file transfer activity monitoring. A security vulnerability exists in Progress Software MOVEit Transfer that originates from allowing an attacker...
ADM GUI is down and users only have access via SSH
Users are unable to get any access to ADM GUI on 13.1...
Citrix ADC: 13.1: error message for smart card access to gateway
Citrix ADC: 13.1: error message for smart card access to the gateway...
CVE-2022-32455
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the...
CVE-2022-33736
A vulnerability has been identified in Opcenter Quality V13.1 All versions V13.1.20220624, Opcenter Quality V13.2 All versions V13.2.20220624. The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing...
CVE-2022-25148
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the currentpageid parameter found in the /includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain...
CVE-2019-8901
This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action...
GitLab Username Format Restriction Bypass Vulnerability
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A vulnerability exists in GitLab versions prior to 13.1 that can be exploited to bypass the usernam...
PT-2020-4071 · Apple · Itunes For Windows +7
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5 iPadOS versions prior to 13.5 tvOS versions prior to 13.4.5 watchOS versions prior to 6.2.5 Safari versions prior to 13.1.1 iTunes for Windows versions prior to 12.10.7 iCloud for Windows versions prior to 11.2 and...
CVE-2019-8242
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...
Adobe Media Encoder Out-of-Bounds Write Vulnerability
Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Media Encoder 13.1 and earlier versions for Window and macOS-based platforms. An attacker can exploit the vulnerability to execute code...
Adobe Media Encoder Out-of-Bounds Read Vulnerability (CNVD-2019-41626)
Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Media Encoder 13.1 and earlier versions for Window and macOS platforms. An attacker can exploit this vulnerability to obtain sensitive...
Apple tvOS, iOS and iPadOS Kernel Component Memory Corruption Vulnerability
Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple iPadOS is an operating system for iPad tablets.Kernel is one of the kernels. A security vulnerability exists in the Kernel component of Apple tvOS prior to version 13, iOS prior to versio...
Apple iOS and Apple iPadOS VoiceOver Component Lock Screen Bypass Vulnerability
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer.VoiceOver is one of the voice assistance components. A lock screen bypass vulnerability exists in the VoiceOver...