11 matches found
1g6table (=0.1.0), 7qb (=0.0.17) +1272 more potentially affected by unknown CVE via @antv/dom-util (>=2.0.2 <=2.0.4)
@antv/dom-util NPM version =2.0.2, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.0.0, =0.2.0, =1.1.15, =1.0.4, =2.1.0 - @alifd/ice-devtools =1.1.14-beta.4 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDOMUTIL-16754419...
com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)
org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15791526...
TESI Gandia Integra Total SQL Injection Vulnerability
TESI Gandia Integra Total is a Web-based online survey and data analysis system from TESI Spain. An injection vulnerability exists in TESI Gandia Integra Total versions 2.1.2217.3 through 4.4.2236.1, which originates in the file /encuestas/integrawebv4/integra/html/view/consultacuotasred.php with...
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
...
io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2023-36812 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)
net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2023-36812 Source advisory: OSV:GHSA-76F7-9V52-V2FW...
PT-2023-18899 · Garmin · Ciq Api +1
Name of the Vulnerable Software and Affected Versions: GarminOS TVM component in CIQ API versions 2.1.0 through 4.1.7 Description: The issue allows applications with a specially crafted head section to use the Toybox.SensorHistory module without permission. A malicious application could call any...
CVE-2020-4430
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535...
ai.databand:dbnd-agent (>=0.42.1 <=0.80.6), ai.databand:dbnd-api-deequ (>=0.42.1 <=0.80.6) +1854 more potentially affected by CVE-2018-1000850 via com.squareup.retrofit2:retrofit (>=2.0.0 <=2.4.0)
com.squareup.retrofit2:retrofit MAVEN version =2.0.0, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =1.4.2, =1.4.2, =1.4.2, =1.4.2, =1.4.2, =3.8.3.1, =3.8.2.1, =1.0.0, =1.0.0, =1.0.0, =1.1.0 and more Source cves: CVE-2018-1000850 Source advisory: OSV:GHSA-8P8G-F9VG-R7XR...
PT-2018-3433 · Grafana +1 · Grafana +1
Name of the Vulnerable Software and Affected Versions: Grafana versions 2.x through 4.x before 4.6.4 Grafana versions 5.x before 5.2.3 Description: The issue is related to authentication errors in the Grafana web tool, allowing an attacker to bypass authentication. This can be achieved by...
Botan Design Vulnerability (CNVD-2018-08488)
Botan is a library of cryptographic algorithms in the C++ programming language that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan versions 2.2.0 through 2.4.0, which stems from the program failing to properly match wildcard certificates. An attack...
ALPINE-CVE-2018-9127
Botan 2.2.0 - 2.4.0 fixed in 2.5.0 improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must alrea...