1738 matches found
Malicious code in stylelint-bem-validator (npm)
Source: ghsa-malware (c8b27f9be233ba1e0a20cd29efbd9d6a2b5982651dee648523dd66d48ee7ea09). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6339 Malicious code in stylelint-bem-validator (npm)
Source: ghsa-malware (c8b27f9be233ba1e0a20cd29efbd9d6a2b5982651dee648523dd66d48ee7ea09). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
XML External Entity Reference in drools
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...
GHSA-RC57-9R3X-98CQ XML External Entity Reference in drools
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...
CVE-2021-41411
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...
drools code issue vulnerability
drools is an open source business rules management system from KIE: an open source rules engine, DMN engine and Complex Event Processing (CEP) engine for Java and JVM platforms. A security vulnerability exists in drools 7.59.x and earlier versions; the vulnerability stems from the Validator class in...
grub2 data forgery issue vulnerability
grub2 is a Linux system boot program from the US GNU community. A data forgery issue vulnerability exists in grub2 that stems from the shimlock validator allowing non-kernel files to be loaded...
Symfony Incorrect Access Control
Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator...
GHSA-Q87V-Q8FW-GMJ5 Symfony Incorrect Access Control
Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator...
CVE-2018-3776
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log...
Zend Framework CSRF Vulnerability
Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers...
GHSA-Q5QW-4364-5HHM Django Vulnerable to HTTP Response Splitting Attack
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a ...
GHSA-CQF7-FF9H-7967 Django ReDoS in validators.URLValidator
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
GHSA-CVVX-R33M-V7PQ Improper Input Validation in Apache Struts
The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...
GHSA-86VQ-8QHC-5RQW Apache Struts vulnerable to possible DoS attack when using URLValidator
If an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will overload the server process when performing validation of the URL...
ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0), be.objectify:deadbolt-core_2.10 (>=2.2.0 <=2.4.3) +1203 more potentially affected by CVE-2014-3558 via org.hibernate:hibernate-validator (>=5.0.0.Alpha1 <=5.1.1.Final)
org.hibernate:hibernate-validator MAVEN version =5.0.0.Alpha1, =1.0.0, =2.2.0, =2.4.0, =2.2.0, =2.4.0, =2.2.0, =2.4.0, =2.0.0, =4.0.0.Final, =4.3.0-beta-3 - br.com.caelum:vraptor-musicjungle =4.0.0-beta-1 - br.com.ingenieux.dropwizard:dropwizard-envvar =0.0.1 -...
ai.grakn.kgms:client (=1.4.3), ai.grakn:client-java (>=1.4.1 <=1.4.3) +768 more potentially affected by CVE-2014-3558 via org.hibernate:hibernate-validator (>=4.3.0.Alpha1 <=4.3.1.Final)
org.hibernate:hibernate-validator MAVEN version =4.3.0.Alpha1, =1.4.1, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =1.4.1, =0.13.0, =0.13.0, =0.14.0 and more Source cves: CVE-2014-3558 Source advisory: OSV:GHSA-845H-985R-JRQH...
Improper Authentication in Hibernate Validator
ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application...
biz.littlej.jreqs:jreqs-beanvalidation (=0.1.2), br.com.caelum.stella:caelum-stella-hibernate-user-types (>=2.0 <=2.1.1) +765 more potentially affected by CVE-2014-3558 via org.hibernate:hibernate-validator (>=4.1.0.Beta1 <=4.2.0.Final)
org.hibernate:hibernate-validator MAVEN version =4.1.0.Beta1, =2.0, =2.0, =3.5.0, =0.7.0.3, =0.3.1, =1.0, =1.16.0, =1.16.0, =1.0, =1.0.0, =1.0.4, =1.0.7, =1.5.8 and more Source cves: CVE-2014-3558 Source advisory: OSV:GHSA-845H-985R-JRQH...