CVE-2024-4327

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-4327 Apryse WebViewer PDF Document cross site scripting

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2023-28049

Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete...

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS versions 10.8.1 through 10.9, which stems from the presen...

XWiki 10.9 < 13.10.11, 14.x < 14.4.7, 14.5.x < 14.10 Code Injection Vulnerability (GHSA-9pc2-x9qf-7j2q)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

Security Bulletin: CVE-2022-27452

Summary MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemcmpfunc.cc, which is backported and fixed in 10.5.16 Vulnerability Details CVEID:CVE-2022-27452 DESCRIPTION: MariaDB Server is vulnerable to a denial of service, caused by a flaw in the...

MariaDB Binary_string::free_buffer() component memory misreference vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A memory misreference vulnerability exists in Mariadb v10.9 and earlier versions, which originates in the /sql/sqlstring.h component...

MariaDB item_func.cc:148 Denial of Service Vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A denial of service vulnerability exists in MariaDB v10.9 and lower, which stems from a segmentation error in component sql/itemfunc.cc:148. An...

CVE-2022-27452

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemcmpfunc.cc...

ALPINE-CVE-2022-27444

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemsubselect.cc...

CVE-2022-27448

There is an Assertion failure in MariaDB Server v10.9 and below via 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc...

CVE-2022-27448

There is an Assertion failure in MariaDB Server v10.9 and below via 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc...

MariaDB 安全漏洞

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A denial of service vulnerability exists in MariaDB v10.9 and earlier versions, which stems from the sql/sqlwindow.cc component containing a...

Sql injection

A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. The only affected versions are 10.9.000032 through 11.0.000006...

CVE-2021-29108 There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below.

There is an privilege escalation vulnerability in organization-specific logins in Esri Portal for ArcGIS versions 10.9 and below that may allow a remote, authenticated attacker who is able to intercept and modify a SAML assertion to impersonate another account XML Signature Wrapping Attack. In...

Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Verify Privilege Vault previously known as IBM Security Secret Server

Summary Multiple vulnerabilities identified in IBM Security Verify Privilege Vault previously known as IBM Security Secret Server have been addressed in the release 10.9. Vulnerability Details CVEID: CVE-2020-4324 DESCRIPTION: IBM Security Secret Server could allow a remote attacker to bypass...

SUSE SLES12 Security Update : postgresql10 (SUSE-SU-2019:1783-2)

This update for postgresql10 to version 10.9 fixes the following issue : Security issue fixed : CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing bsc1138034. More information at https://www.postgresql.org/docs/10/release-10-9.html Note that Tenable Network Security h...

SUSE SLED12 / SLES12 Security Update : postgresql10 (SUSE-SU-2019:1783-1)

This update for postgresql10 to version 10.9 fixes the following issue : Security issue fixed : CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing bsc1138034. More information at https://www.postgresql.org/docs/10/release-10-9.html Note that Tenable Network Security h...

PostgreSQL 10.x < 10.9, 11.x < 11.4 Buffer Overflow Vulnerability - Windows

PostgreSQL is prone to a stack-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security fix for the ALT Linux 8 package postgresql10 version 10.9-alt0.M80P.1

10.9-alt0.M80P.1 built July 1, 2019 Alexei Takaseev in task 232693 June 20, 2019 Alexei Takaseev - 10.9 Fixes CVE-2019-10164...