CVE-2026-6914 MD5 checksum creation may cause availability loss
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...
EUVD-2018-18297
Malware in sbrugna...
EUVD-2024-31528
Malicious code in bioql PyPI...
Security Bulletin: IBM OpenPages with Watson has addressed a reverse tabnabbing vulnerability (CVE-2020-4440)
Summary: IBM OpenPages with Watson has addressed a reverse tabnabbing vulnerability (CVE-2020-4440). Vulnerability Details: CVEID: CVE-2020-4440. DESCRIPTION: IBM OpenPages with Watson could allow an authenticated user to replace a target page with a phishing site which could allow the attacker to obtai...
CVE-2024-33818
Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Direct Object Reference (IDOR) via the userID parameter...
CVE-2024-33819
Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Save Query function...
CVE-2024-33818
CVE-2024-33818 concerns Globitel KSA SpeechLog v8.1, where an Insecure Direct Object Reference (IDOR) is exposed via the userID parameter. Multiple connected sources corroborate that the vulnerability exists in SpeechLog Analytics v8.1 and is triggered remotely (attack vector: network) with low c...
CVE-2023-45159
1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available from the 1E support...
CVE-2023-45159 1E Client installer can perform arbitrary file deletion on protected files
1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available from the 1E support...
CVE-2023-24078
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/...
CVE-2023-24078
CVE-2023-24078 affects Real Time Logic FuguHub v8.1 and earlier, with a remote code execution (RCE) vulnerability exploitable via the /FuguHub/cmsdocs/ component. The NVD entry lists a high-severity CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Public material in connected do...
GHSA-FVF5-XP83-VRQP ICEcoder vulnerable to Path Traversal
ICEcoder v8.1 allows attackers to execute a directory traversal...
ICEcoder vulnerable to Path Traversal
ICEcoder v8.1 allows attackers to execute a directory traversal...
CVE-2022-34026
ICEcoder v8.1 allows attackers to execute a directory traversal...
Directory traversal
ICEcoder v8.1 allows attackers to execute a directory traversal...
CVE-2022-34026
The CVE-2022-34026 entry concerns ICEcoder v8.1, with a directory traversal vulnerability that could affect confidentiality. Multiple connected sources corroborate a path traversal flaw in ICEcoder 8.1, including advisories (GHSA/Red Hat/OSV) and PT-2022-21977 noting no available fix for version ...