Lucene search
K

6 matches found

Snyk
Snyk
added 2026/03/09 7:50 p.m.3 views

Insertion of Sensitive Information Into Sent Data

Overview Glances is an A cross-platform curses-based monitoring tool Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the self.config.asdict function, which returns the entire configuration including sensitive values without filtering for th...

8.7CVSS5.8AI score0.01657EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.7 views

CVE-2023-1571

A vulnerability, which was classified as critical, was found in DataGear up to 4.5.0. This affects an unknown part of the file /analysisProject/pagingQueryData. The manipulation of the argument queryOrder leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS7.8AI score0.00915EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2024/11/07 3:48 a.m.3 views

SUSE CVE-2024-51744

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

3.1CVSS8.5AI score0.00521EPSS
Exploits0References17
OSV
OSV
added 2024/11/04 10:15 p.m.6 views

AZL-52189 CVE-2024-51744 affecting package packer for versions less than 1.9.5-9

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

3.1CVSS6.5AI score0.00521EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/06 12:0 a.m.7 views

PT-2023-10809 · Unknown · Devent Globalpom-Utils

Name of the Vulnerable Software and Affected Versions: devent globalpom-utils versions up to 4.5.0 Description: A critical vulnerability has been found in devent globalpom-utils, affecting the createTmpDir function of the FileResourceManagerProvider.java file. This vulnerability leads to insecure...

9.8CVSS6.6AI score0.00807EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2021/12/17 7:15 p.m.3 views

CVE-2021-43838

jsx-slack is a library for building JSON objects for Slack Block Kit surfaces from JSX. In versions prior to 4.5.1 users are vulnerable to a regular expression denial-of-service ReDoS attack. If attacker can put a lot of JSX elements into tag, an internal regular expression for escaping character...

7.5CVSS7.1AI score0.01377EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder