Lucene search

8020 matches found

OSV
added 2024/05/30 4:15 p.m. · 0 views

UBUNTU-CVE-2024-36951

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. Update the user api ...

5.5 CVSS · 6.5 AI score · 0.00222 EPSS
Exploits 0 · References 11
OSV
added 2024/05/30 12:15 p.m. · 3 views

CVE-2022-43575

IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 23864...

5.4 CVSS · 5.4 AI score · 0.00249 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/05/30 12:0 a.m. · 4 views

PT-2024-11659 · Ibm · Ibm Aspera Console

Name of the Vulnerable Software and Affected Versions: IBM Aspera Console versions 3.4.0 through 3.4.2 PL5 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...

5.4 CVSS · 6.5 AI score · 0.00249 EPSS
Exploits 0 · References 4
CNNVD
added 2024/05/30 12:0 a.m. · 4 views

IBM Aspera cross-site scripting vulnerability

IBM Aspera is a suite of fast file transfer and streaming solutions from International Business Machines IBM built on the IBM FASP protocol. A cross-site scripting vulnerability exists in IBM Aspera Console versions 3.4.0 through 3.4.2 PL5, which stems from susceptibility to a cross-site scriptin...

5.4 CVSS · 6 AI score · 0.00249 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/05/30 12:0 a.m. · 6 views

PT-2024-27222

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A CP interrupt bug in the Linux kernel causes bad packet garbage exception codes to be raised. To address this, a range check has been implemented to prevent the debugger and runtime fro...

5.5 CVSS · 5.5 AI score · 0.00222 EPSS
Exploits 0
Fedora
added 2024/05/29 3:37 a.m. · 20 views

[SECURITY] Fedora 40 Update: qt6-qtcharts-6.7.1-1.fc40

Qt Charts module provides a set of easy to use chart components. It uses the Qt Graphics View Framework, therefore charts can be easily integrated to modern user interfaces. Qt Charts can be used as QWidgets, QGraphicsWidget, or QML types. Users can easily create impressive graphs by selecting o...

9.8 CVSS · 6.6 AI score · 0.0097 EPSS
Exploits 0
CNNVD
added 2024/05/28 12:0 a.m. · 4 views

Nautobot security vulnerability

Nautobot is a web automation platform by the individual developers of Nautobot. Nautobot has a security vulnerability that stems from a mismanagement of privileges vulnerability in the Nautobot dynamic-group-members UI and REST API. Affected products and versions: Nautobot versions 1.3.0 through...

6.5 CVSS · 6.4 AI score · 0.00398 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/05/28 12:0 a.m. · 5 views

PT-2024-26897 · Unknown · Ansibleguy-Webui

Name of the Vulnerable Software and Affected Versions: ansibleguy-webui versions prior to 0.0.21 Description: The issue allows injection of HTML elements in multiple forms, which are then evaluated by the browser after job actions are executed. This can lead to potential security risks. There are...

8.2 CVSS · 7.4 AI score · 0.004 EPSS
Exploits 0 · References 8
Positive Technologies
added 2024/05/28 12:0 a.m. · 6 views

PT-2024-12614 · Ibm · Ibm Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.6 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted sessio...

5.4 CVSS · 6.6 AI score · 0.00247 EPSS
Exploits 0 · References 4
CNNVD
added 2024/05/27 12:0 a.m. · 4 views

Identifier withdrawn

GNOME Shell is a shell from the GNOME Project that provides core user interface functionality for the GNOME desktop such as switching windows, launching applications or viewing notifications. This CVE number has been withdrawn...

6.5 AI score
Exploits 0 · References 4
OpenVAS
added 2024/05/27 12:0 a.m. · 17 views

Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2024-2c564b942d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 6.7 AI score · 0.01151 EPSS
Exploits 6 · References 2
OSV
added 2024/05/24 12:15 p.m. · 5 views

CVE-2023-47710

IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 27152...

5.4 CVSS · 5.4 AI score · 0.00249 EPSS
Exploits 0 · References 2
Github Security Blog
added 2024/05/23 12:31 p.m. · 22 views

Eclipse Ditto vulnerable to Cross-site Scripting

In Eclipse Ditto starting in version 3.0.0 and prior to versions 3.4.5 and 3.5.6, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cro...

6.5 CVSS · 5.7 AI score · 0.005 EPSS
Exploits 1 · References 16 · Affected Software 1
OSV
added 2024/05/23 12:31 p.m. · 16 views

GHSA-HJFC-6JXR-J2RX Eclipse Ditto vulnerable to Cross-site Scripting

In Eclipse Ditto starting in version 3.0.0 and prior to versions 3.4.5 and 3.5.6, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cro...

6.5 CVSS · 5.6 AI score · 0.005 EPSS
Exploits 1 · References 16
OSV
added 2024/05/23 10:15 a.m. · 9 views

CVE-2024-5165

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

5.4 CVSS · 5.6 AI score
Exploits 0 · References 8
Vulnrichment
added 2024/05/23 9:56 a.m. · 17 views

CVE-2024-5165 Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

6.5 CVSS · 5.7 AI score · 0.005 EPSS
Exploits 1 · References 8
Cvelist
added 2024/05/23 9:56 a.m. · 21 views

CVE-2024-5165 Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

6.5 CVSS · 6.1 AI score · 0.005 EPSS
Exploits 1 · References 8
CVE
added 2024/05/23 9:56 a.m. · 89 views

CVE-2024-5165

CVE-2024-5165 affects Eclipse Ditto 3.0.0–3.5.5. The Eclipse Ditto Explorer UI allowed user inputs to be improperly neutralized, enabling both Reflected and Stored XSS. Some inputs are only stored in local browser storage (UI settings/search queries), causing Reflected XSS; others are persisted i...

6.5 CVSS · 6.1 AI score · 0.005 EPSS
Exploits 1 · References 8 · Affected Software 1
Positive Technologies
added 2024/05/23 12:0 a.m. · 11 views

PT-2024-34794 · Eclipse · Eclipse Ditto

Name of the Vulnerable Software and Affected Versions: Eclipse Ditto versions 3.0.0 through 3.5.5 Description: The user input of several input fields of the Eclipse Ditto Explorer User Interface was not properly neutralized, making it vulnerable to both Reflected and Stored XSS Cross Site...

6.5 CVSS · 5.7 AI score · 0.005 EPSS
Exploits 1 · References 20
CNVD
added 2024/05/22 12:0 a.m. · 5 views

Huawei HarmonyOS and EMUI account module power-up vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and the EMUI account module are...

6.2 CVSS · 6.8 AI score · 0.00163 EPSS
Exploits 0 · References 1